Still using passwords? SSO is the future.

Cybersecurity for Financial ServicesWealth Management SecurityCPA CybersecurityCybersecurity For Accountants
Written By Randall Bellows III

I’ve seen the future of your business and IT operations, and I want to share it with you: Single Sign On, or SSO for short. What is SSO? Let me explain.

Stylized illustration of a single key floating before several open doors in a surreal cloudscape, symbolizing one login unlocking multiple accounts with SSO.

One key to unlock them all

Right now, you likely have a patchwork of online accounts.

The only thing that might be binding your accounts together are the passwords that your Chrome or Firefox browser has saved for you. (If you need an anecdote on why this may not be a good idea, read a story about how I cleaned up a hacked Chrome password manager here.) Maybe you’re still memorizing your passwords, in which case you have a handful of variations that are susceptible to being compromised. Maybe you have a password manager and are using it diligently.

Regardless of how neat your password hygiene, passwords are something called "shared secrets," which means they are vulnerable to being intercepted, or stolen in a data breach. When your password is stolen in a data breach, it doesn't matter how secure you made it. In other words, this is a big part on why passwords are old news.

Don’t forget onboarding employees can also be a pain in the butt. Creation of 6 different accounts. Oh, wait, new person still don’t have access to everything? Both HR and IT’s time and resources are wasted during this process.

What if I told you that there is a world beyond passwords, and it is an amazing one. No more password resets, hacked accounts, or multi-step onboarding processes… just logged in, productivity bliss. The future will be passwordless.

“But Randall, can you really define SSO for me?”

Alright, SSO is where you leverage something called an “Identity Provider,” or “IdP” (such as Microsoft’s Entra ID, or Okta) as a single point of authorization (aka "auth") to log into multiple online accounts and devices that you and your employees use every day.

The advantage to this is that once you create a new employee’s account in your IdP, the creation cascade across all of software services that you have enrolled with SSO. Now with a single action, your employee has a log in for Zoom, Slack, Box, DocuSign, and password manager account (not every online account supports SSO, but at least you can make password management even more efficient). They can also use SSO to sign into their devices (laptops, phone, etc).

Additionally, because of the advanced options for signing in with SSO, you can also couple your employee's accounts with easy to use, phishing resistant forms of auth. This instantly strengthens your small business's security posture with enterprise grade security. This kind of auth cannot be stolen in a data breach, because the server you are logging into will never know your "secret" (similar to a password) due to the type of encryption SSO can be configured to use.

Close‑up of a glowing green FIDO2 security key plugged into a laptop’s USB port, representing hardware‑based passkey authentication.

Could you imagine just tapping on of these little guys to get into all your accounts? So simple! Much secure!

Alternately, when you offboard someone from your team, you simply deactivate their account in the IdP, which disables their computer, as well as the rest of their SSO logins, making offboardings easier for everyone.

Enterprises have been using SSO for years.

It’s how they onboard and offboard employees quickly and efficiently, while keeping their current workforce’s technology secure. Now it’s time for small business to start adopting SSO for their employees too.

Not only is SSO simpler and more efficient for your team, it’s also more secure. Start moving your company towards the future with SSO.

Key Takeaways

  • Passwords are yesterday’s news. Because they’re shared secrets, a breach anywhere can expose them everywhere.

  • SSO = one identity, all access. Your IdP (Microsoft Entra ID, Okta, etc.) issues the login once, and every SSO enabled app, and even the employee’s laptop, opens its doors.

  • Onboarding / offboarding in one click. Create or deactivate the IdP account and Zoom, Slack, DocuSign, and laptop follow automatically. No more 6 app checklists.

  • Built‑in, phishing resistant security. Passkeys / FIDO2 tie the private key to the user’s device, so nothing reusable is ever stored on a server or leaked in a breach.

  • Enterprise grade made SMB simple. You get Fortune 500 speed and protection without Fortune 500 complexity or cost.

  • Future‑proof your stack today. Moving to SSO now means fewer password headaches, happier users, and a security posture that scales as you grow.

South Park meme: office worker at a computer with captions ‘Finally got used to my new password’ and ‘aaaand it expired.’

NIST (who is an authority on the subject) no longer recommends regularly rotating passwords, unless there is evidence of a breach

If you want to talk about SSO, and other means of making your organization more automated, efficient, and secure, book a 15 minute meeting with me.

Randall Bellows III

Founder of Be Co - Technology Consultant, vCIO, Creative

https://beco.technology
Next

A new client came to me after they had lost $325,000 in a hack. How did it happen?