We strongly encourage the adoption of Single Sign-On (SSO) for all campus-related applications, especially those handling sensitive information. SSO provides centralized visibility and control over client access, making it easier to demonstrate compliance with regulatory requirements such as GDPR, HIPAA, and FERPA. Audit trails and logs can be generated to track user activity and access to sensitive data.
SSO allows users to log in once and gain access to multiple systems without the need to re-enter credentials for each service. SSO not only simplifies the login experience but also enhances security by tying the credentials to an RCS account and requiring Multi-Factor Authentication (MFA) on the application.
The combination of SSO with MFA significantly reduces the risk of unauthorized access by preventing an attacker who possesses the correct credentials from impersonating someone. Attackers often find reused passwords that were leaked in a breach through no fault of the user, or passwords that are easily guessable. Attackers may also target a person and attempt to social engineer the password from them; phishing is a common way of doing this. MFA can stop an attacker who possesses the correct credentials by requiring the user to use something they have, like a phone, to complete the authentication process. By centralizing user authentication, SSO also gives administrators better control over access management and security policies.
Integrating with SSO can be easy. For existing and new applications, you can submit a Support Request via https://itssc.rpi.edu and someone will work with you to integrate into our SSO.