Google’s single sign-on service is catching on. The web search giant is now expanding its identity service to be included in more desktop and mobile apps.
With expanded support for OpenID connect Identity Provider, administrators of Google Apps will now be able to add the single sign-on service to mobile applications as well as software as a service (SaaS) applications through the Google apps marketplace.
To benefit SaaS providers, Google has also expanded support for SAML (Security Assertion Markup Language) 2.0 and simplified the process of adding custom SAML app integrations.
The Benefits of Single Sign-On
More organizations are adopting the single sign-on service because it greatly enhances application security. This service eliminates the need for employees to remember complicated passwords for every application they use. They simply sign in using their Google apps credentials.
With single sign-on, users can seamlessly switch between different Google applications, including Gmail and Drive without having to enter a password every time.
Because single sign-on makes it easier for users to log into their applications, IT workload is reduced. Some companies have seen a 25% reduction in help desk tickets. At DoIT international, 20% less time is spent on troubleshooting. The company has noted that Google’s identity service makes it much easier to log into services the company uses every day, like Zendesk and Salesforce.
Increased Adoption of Single Sign-On
Currently, Google offers single sign-on support for external applications through SAML. Some external applications that use single sign-on include:
- Amazon Web Services
Now, the new OpenID enhancements will allow administrators of Google Apps to offer the same seamless login across more applications to their employees.
From the console, administrators can now turn on the single sign-on service and integrate the service into the SaaS apps integrated in Google Apps. In this way, Google Apps acts as the identity management server, which means individual user IDs and passwords no longer have to be managed by administrators.
Video streaming giant Netflix took advantage of Google’s support for OpenID Connect standards when migrating over to a 100% cloud-based, single sign-on solution.
Although SAML is still not sufficient for mobile apps, the new enhanced OpenID can be used for SaaS and IT mobile apps. When SAML 2.0 was created, it was done so with the assumption that users would be using desktop web browsers. This has made it difficult to adapt the system to mobile devices.
The enhanced OpenID allows mobile developers to incorporate single sign-on using SAML without having to resort to workarounds. Now, the single sign-on feature can be enabled by developers by simply following the API guidelines Google provides on their Identity Platform.
The identity services offered by Google can also be used in conjunction with the enterprise mobile management controls that Google Apps offers. This includes lock screen requirements, password strength, and app management. These can now be combined with other mobile security options, like Smart Lock. With these extra layers of security, mobile devices and apps can both be protected.
Administrators who are looking to enable the single sign-on service can visit Google’s administrator help pages for a step-by-step guide.
Adoption of access management and cloud-based identity services is expected to increase significantly over the next few years, organizations are now looking for ways to outsource functions, like password management, access management single sign-on, and user provisioning. A recent study shows that the global market for identity management services will reach $3.5 billion by 2020.
Much of this growth can be attributed to an increased integration of a variety of applications and services on the cloud. Other mobile trends, like BYOD (bring your own device) are also adding to the increased adoption of cloud-based identity services.