g) Benefits in Using an IdP
Any Identity Provider regardless what the product is, adds benefits to user experience and organisations IT management in comparison to traditional legacy methods to authenticate users.
Under sub pages one can find use cases for an IdP and benefits that are particular to Olevi IdP.
Improved user experience
Traditionally users have had to use user id and password combination to sign in to services added possibly with another factor (Multi Factor - MFA) for increased security. Managing and remembering separate user identities and credentials for them can be cumbersome for users especially nowadays when separate credentials should be used for each different service for increased security.
Users often fail to maintain separate credentials and have poor practices in storing credential info or fall into phishing attacks which lead to decreased security and stolen accounts or data breaches.
Federated authentication provides Single Sign On (SSO) option where user can authenticate only once and get access to all services connected to SSO solution.
In addition in regard to organisations own users:
- One familiar mathod and web page to authenticate to all common services inside domain
- Single Multi Factor method used to all connected services instead of multiple different service oriented implementations
- Possibility to use organisation’s own credentials or authentication methods to access endless list of third party applications
- Human Resources (HR) system
- Customer Resources Management (CRM) system
- Financial Management Systems
- Company Intranet
- Company Documentation and Resource servers
- Wiki
- Folders and File Sharing
- Concurrent Versions System (CVS) for managing source code (git, svn)
In addition in regard to external users and customers (CIAM)
- Customers can benefit from federated authentication from Social Media applications and services that they use daily instead of separate credentials
- Possibility to connect to strong authentication methods from single point instead of implementing separately to each service
- Possibility to have separate authentication methods depending on necessary Levels of Assurance (LoA)
- Decreased transactional costs
- Partner users can authenticate using their organisation’s own credentials instead of separate guest/external account or guest/external credentials
Improved IT management
In addition to user benefits, organisations’ IT management departments benefit greatly when authentication can be federated to SSO-system in comparison to traditional credential management
- Consolidate multiple identity sources
- Decreased work load used in users and credentials management
- Decreased Service Desk support demand
- No need to reset forgotten passwords
Improved security
- Single Sign On (SSO) removes necessity to manage separate credentials for each service
- Users can authenticate to separate services with one Identity Provider which they know
- Reduces credentails phishing risks
- Possibility to use modern passwordless authentication methods