We are in an era where computer tools with single connections are multiplying and staff turnover is accentuated. Not to mention the sharing of increasingly sensitive data. Managing access and permissions can become a long and complex process. This is why Dialog Insight wants to simplify and secure everything by offering SSO to its customers. Indeed, it is possible to add single sign-on (SSO) for connection to the DI platform.
What is SSO?
Definition
SSO stands for Single Sign-On and is a procedure that allows a user to access multiple IT services with only one authentication.
Having data security and the user experience of its customers at heart, Dialog Insight has chosen to implement an SSO by SAML 2.0 protocol in its platform. SSO by SAML involves the sharing of authentication data and authorizations between a Service Provider (SP) and an Identity Provider (IdP).
SSO with SAML
Thanks to SAML, the customer uses his own identity provider, as an intermediary, to access the Dialog Insight platform. This protocol allows users to connect to our platform, without even having to configure a user account beforehand. The customer’s user data is not hosted at Dialog Insight, it is the identity provider that manages authentication data and confirms access authorization.
Any user already authenticated on this first system can use the Dialog Insight platform (the service provider) without having to connect directly to it.
Why choose single sign-on?
Single sign-on benefits both the organization itself and its users. For the user, this saves time when connecting and avoids the issue of creating different passwords. For the organization, this simplifies the management of access and permissions. Whether it is a new employee or when one is leaving, only one action is necessary to add or remove access since it is all centralized in the same place. This limits data leakage, since no access outside the main system is possible. When an employee leaves, it is no longer possible to access any accounts that were controlled by the identity provider once they are disconnected.
SSO also allows the customer to apply their own security rules for user authentication to the Dialog Insight platform. This means, for example, that the client controls password rules (repetitive connection errors, account blocking, etc.), connection compliance rules (working hours, place of work, connection from authorized workstations, etc.) and multi-factor authentication mechanisms (biometrics, authentication applications, etc.)
The benefits in a nutshell
- Better user experience: Faster login, no forgetting password or typing;
- Simplifies password management: Login to different services and applications using a single login, avoids having to create multiple passwords;
- Simplifies access and permissions management: Saves time, everything is controlled in one place;
- Allows you to apply your own security rules: Password rules, connection compliance rules, multi-factor authentication mechanisms;
- Strengthens data security: Avoids repetition of the same password for different accounts, restricts access to data outside the main system;
- Increased Compliance: Enables better data privacy, as user data is not shared to the service provider.
How to set up the SSO protocol?
In order to be able to use single sign-on to connect to the Dialog Insight platform, you must:
- Beforehand, have an Identity Provider (IdP) compatible with the SAML 2.0 protocol
as well as a technical resource who masters the internal environment.
Your identity provider must also allow the addition of custom fields to user profiles.
- Contact the account manager at Dialog Insight to request the activation of this option. It will also be necessary to design a set of permission groups in the DI platform that cover all the permissions to be granted to users.
- Configure Identity Provider to Enable SAML 2.0 Identity Provider Feature and Permission Groups
- When the SSO option is enabled in the DI platform, the login page will display a button to redirect to the authentication service. A Dialog Insight account will be created or updated using information provided by the system.
Switch to SSO now!
Dialog Insight strongly recommends the implementation of such a data protection measure. We are available to help our clients configure the single sign-on procedure. Do not hesitate to contact our team of experts for more information.