Before organisations start any SSO project, it is necessary to carefully consider the interdependencies of data, applications and devices.
This article was written by Thierry Bettini, Director of International Strategy, Ilex International.
How to protect business data without imposing onerous authentication processes on employees is a challenge that most businesses have or will face. While Single Sign-On (SSO) solutions can improve this process by managing access to multiple applications using a single login and password, choosing the right SSO solution can be difficult. It largely depends on the company’s existing IT environment, priorities and objectives. Often, financial companies may already have separate SSOs in place to cover different environments and all these individual solutions have to be maintained, operated, supervised and audited.
From a cost perspective and for ease of use, Global SSO is a much more practical choice, covering every specific SSO challenge from a single platform. This allows financial organisations to invest at their own pace, while leveraging previous investments and creating a global coverage model. To find out why this is important, let us first review the SSO landscape of today.
Review of the current SSO Landscape
Enterprise SSO or eSSO: Business driver - improving user experience
In our experience, the main driver in implementing eSSO internally is to make users’ lives easier. It requires the deployment of one (or more) components on workstations connected to an organisation’s IT systems. It works by injecting secondary credentials, such as users’ logins and passwords into applications which have previously been ‘enrolled’. It is particularly useful if you need to secure access to a range of assorted applications (e.g. thick client, web, and mainframe). However it does require a specific installation on each workstation by the IT department.
Web Access Management (WAM or Web SSO) – implementing ‘access control’
WAM is designed specifically to secure web-based architectures such as extranet/intranet portals. Although WAM only applies to web applications, it generally enforces a stronger level of security than eSSO, thanks to the implementation of advanced access control rules. Unlike eSSO, it does not require deployment on each workstation, but may sometimes require specific developments at the application level.
Identity Federation - improving authentication and access for the extended enterprise
Technically, Identity Federation is a way to operate web SSO authentication using industry standard protocols (SAMLv2, OAuth2, OpenID Connect, and WS-Federation). From a business perspective, its main benefit is to allow different legal entities to safely Exchange authentication and access rights information, thus providing users with a single secure authentication experience between distinct web domains. This spares finance companies from having to manage their partners' identities. It also helps set up specific identity management infrastructures for each operational entity within a complex organisation.
Mobile SSO – securing mobile access
Mobile SSO provides SSO functions (eSSO, WAM, Identity Federation) to mobile devices, securing access to applications within an organisation’s IT systems from these devices. This market is still relatively immature, but has been stimulated by the boom in mobile devices and their impact on business usage. Currently, many financial companies rely on specific developments for mobile SSO due to the lack of alternative solutions on the market.
Major risk: implementing different SSO solutions for similar authentication needs
Let us now consider a typical scenario, where a finance organisation wants to deploy strong authentication, Single Sign-On and audit users’ access to its IT systems, in order to improve both the user experience and IT security.
The organisation’s IT systems will typically include:
Internal and external applications (running in SaaS, Cloud mode), managed or not, based on various technologies (thick client, web, virtualised application, mainframe) with different levels of sensitivity and criticality
Internal or external users of managed PCs (or otherwise) or on other devices (thin clients, mobile devices), some of which will require strong authentication
In this situation, a need for eSSO, Web Access Management, Identity Federation and Mobile SSO solutions has been identified by the company and these solutions have been deployed step by step, possibly over several years, depending on priorities. In our experience, in most cases the result can be described as follows:
An eSSO solution has been deployed internally on each connected workstation to enhance the user experience through single authentication and to enable autonomous password reset
A Web Access Management solution is used to protect web applications deployed on the intranet/extranet.
Identity Federation is in place, dedicated to B2B exchanges with partners or used to improve user experience while accessing external applications such as O365, GoogleApps, SalesForce
A Mobile SSO solution secures access to the IT systems from mobile devices and mitigates the security risks associated with Bring Your Own Device (BYOD)
The solutions are based on market software packages, open source components or in-house solutions. In most cases, the organisation has to administer, maintain, operate, supervise and audit four separate environments to address very similar authentication needs.
But it is now possible to get round this scenario.
Global SSO: a new generation of SSO
Global SSO offers a potential holy grail for IT departments, with a 360-degree view of access to the IT systems.
Now, financial institutions can benefit from a single common infrastructure to operate and supervise authentication and access, operating a single administration interface to configure every instance of SSO, along with a single audit point providing traceability of all user access across all IT applications.
Before organisations start any SSO project, it is necessary to carefully consider the interdependencies of data, applications and devices. A global SSO solution can not only cover the companies' short term needs, but it can also become part of a long term strategic access management approach, providing the right features in a scalable and iterative manner.
This article was written by Thierry Bettini, Director of International Strategy, Ilex International.
How to protect business data without imposing onerous authentication processes on employees is a challenge that most businesses have or will face. While Single Sign-On (SSO) solutions can improve this process by managing access to multiple applications using a single login and password, choosing the right SSO solution can be difficult. It largely depends on the company’s existing IT environment, priorities and objectives. Often, financial companies may already have separate SSOs in place to cover different environments and all these individual solutions have to be maintained, operated, supervised and audited.
From a cost perspective and for ease of use, Global SSO is a much more practical choice, covering every specific SSO challenge from a single platform. This allows financial organisations to invest at their own pace, while leveraging previous investments and creating a global coverage model. To find out why this is important, let us first review the SSO landscape of today.
Review of the current SSO Landscape
Enterprise SSO or eSSO: Business driver - improving user experience
In our experience, the main driver in implementing eSSO internally is to make users’ lives easier. It requires the deployment of one (or more) components on workstations connected to an organisation’s IT systems. It works by injecting secondary credentials, such as users’ logins and passwords into applications which have previously been ‘enrolled’. It is particularly useful if you need to secure access to a range of assorted applications (e.g. thick client, web, and mainframe). However it does require a specific installation on each workstation by the IT department.
Web Access Management (WAM or Web SSO) – implementing ‘access control’
WAM is designed specifically to secure web-based architectures such as extranet/intranet portals. Although WAM only applies to web applications, it generally enforces a stronger level of security than eSSO, thanks to the implementation of advanced access control rules. Unlike eSSO, it does not require deployment on each workstation, but may sometimes require specific developments at the application level.
Identity Federation - improving authentication and access for the extended enterprise
Technically, Identity Federation is a way to operate web SSO authentication using industry standard protocols (SAMLv2, OAuth2, OpenID Connect, and WS-Federation). From a business perspective, its main benefit is to allow different legal entities to safely Exchange authentication and access rights information, thus providing users with a single secure authentication experience between distinct web domains. This spares finance companies from having to manage their partners' identities. It also helps set up specific identity management infrastructures for each operational entity within a complex organisation.
Mobile SSO – securing mobile access
Mobile SSO provides SSO functions (eSSO, WAM, Identity Federation) to mobile devices, securing access to applications within an organisation’s IT systems from these devices. This market is still relatively immature, but has been stimulated by the boom in mobile devices and their impact on business usage. Currently, many financial companies rely on specific developments for mobile SSO due to the lack of alternative solutions on the market.
Major risk: implementing different SSO solutions for similar authentication needs
Let us now consider a typical scenario, where a finance organisation wants to deploy strong authentication, Single Sign-On and audit users’ access to its IT systems, in order to improve both the user experience and IT security.
The organisation’s IT systems will typically include:
Internal and external applications (running in SaaS, Cloud mode), managed or not, based on various technologies (thick client, web, virtualised application, mainframe) with different levels of sensitivity and criticality
Internal or external users of managed PCs (or otherwise) or on other devices (thin clients, mobile devices), some of which will require strong authentication
In this situation, a need for eSSO, Web Access Management, Identity Federation and Mobile SSO solutions has been identified by the company and these solutions have been deployed step by step, possibly over several years, depending on priorities. In our experience, in most cases the result can be described as follows:
An eSSO solution has been deployed internally on each connected workstation to enhance the user experience through single authentication and to enable autonomous password reset
A Web Access Management solution is used to protect web applications deployed on the intranet/extranet.
Identity Federation is in place, dedicated to B2B exchanges with partners or used to improve user experience while accessing external applications such as O365, GoogleApps, SalesForce
A Mobile SSO solution secures access to the IT systems from mobile devices and mitigates the security risks associated with Bring Your Own Device (BYOD)
The solutions are based on market software packages, open source components or in-house solutions. In most cases, the organisation has to administer, maintain, operate, supervise and audit four separate environments to address very similar authentication needs.
But it is now possible to get round this scenario.
Global SSO: a new generation of SSO
Global SSO offers a potential holy grail for IT departments, with a 360-degree view of access to the IT systems.
Now, financial institutions can benefit from a single common infrastructure to operate and supervise authentication and access, operating a single administration interface to configure every instance of SSO, along with a single audit point providing traceability of all user access across all IT applications.
Before organisations start any SSO project, it is necessary to carefully consider the interdependencies of data, applications and devices. A global SSO solution can not only cover the companies' short term needs, but it can also become part of a long term strategic access management approach, providing the right features in a scalable and iterative manner.
“We Bundled, Unbundled, and Now We’re Rebundling Financial Apps”: Guava’s McCracken
Executive Interview with Naaem Aslan | Zaye Capital Markets | FMLS:24
Executive Interview with Naaem Aslan | Zaye Capital Markets | FMLS:24
🔍 Dubai’s Rise as a Global Business Hub: Insights from Naeem Aslam
In this interview, Naeem Aslam, discusses Dubai's growing significance as a global business and financial center. With its strategic location, Dubai offers a favorable time zone for trading global markets, particularly the U.S. stock markets, giving businesses a competitive edge. Access to a diverse and efficient talent pool, competitive salaries, and an exceptional quality of life have positioned Dubai as an attractive destination for industry participants worldwide.
#fmls #fmls24 #fmevents #RetailTrading #markets #trading
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!
🔍 Dubai’s Rise as a Global Business Hub: Insights from Naeem Aslam
In this interview, Naeem Aslam, discusses Dubai's growing significance as a global business and financial center. With its strategic location, Dubai offers a favorable time zone for trading global markets, particularly the U.S. stock markets, giving businesses a competitive edge. Access to a diverse and efficient talent pool, competitive salaries, and an exceptional quality of life have positioned Dubai as an attractive destination for industry participants worldwide.
#fmls #fmls24 #fmevents #RetailTrading #markets #trading
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!
Executive Interview with Hugh Whelan | ACI | FMLS:24
Executive Interview with Hugh Whelan | ACI | FMLS:24
🔍 The Future of FX #Liquidity, Payments, and Data: Insights from ACI UK's Hugh Whelan
In this interview, Hugh Whelan, President of ACI UK and Head of #Liquidity Management & Data at SGX, explores the evolving FX market structure, the growing role of data #analytics, and the need for responsible liquidity management. Hugh emphasizes the importance of quality liquidity—beyond just pricing—and highlights how relationship-driven approaches remain critical, even in today's data-driven landscape.
#fmls #fmls24 #fmevents #payments #data
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!
🔍 The Future of FX #Liquidity, Payments, and Data: Insights from ACI UK's Hugh Whelan
In this interview, Hugh Whelan, President of ACI UK and Head of #Liquidity Management & Data at SGX, explores the evolving FX market structure, the growing role of data #analytics, and the need for responsible liquidity management. Hugh emphasizes the importance of quality liquidity—beyond just pricing—and highlights how relationship-driven approaches remain critical, even in today's data-driven landscape.
#fmls #fmls24 #fmevents #payments #data
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!
Executive Interview with Yaacov Heidingsfeld | TraderTools | FMLS:24
Executive Interview with Yaacov Heidingsfeld | TraderTools | FMLS:24
Swimming Naked, Swimming Blind: The Truth About Liquidity in FX Markets
In this interview, Yakov Heidingsfeld, CEO of TraderTools, explores the complexities of liquidity management in the FX market. He highlights that while acquiring #liquidity may seem straightforward, the real challenge lies in understanding and managing customer flow. #Brokers often misrepresent flow quality—knowingly or unknowingly—leading to breakdowns in relationships with liquidity providers. Using advanced tools, such as real-time dashboards and AI-driven predictive models, Yakov emphasizes the importance of analyzing customer behavior, trading patterns, and time-based flow to better categorize traders and optimize pricing strategies.
#fmls #fmls24 #fmevents #fm #forex
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!
Swimming Naked, Swimming Blind: The Truth About Liquidity in FX Markets
In this interview, Yakov Heidingsfeld, CEO of TraderTools, explores the complexities of liquidity management in the FX market. He highlights that while acquiring #liquidity may seem straightforward, the real challenge lies in understanding and managing customer flow. #Brokers often misrepresent flow quality—knowingly or unknowingly—leading to breakdowns in relationships with liquidity providers. Using advanced tools, such as real-time dashboards and AI-driven predictive models, Yakov emphasizes the importance of analyzing customer behavior, trading patterns, and time-based flow to better categorize traders and optimize pricing strategies.
#fmls #fmls24 #fmevents #fm #forex
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!
Executive Interview with Daniel Moczulsky | eToro | FMLS:24
Executive Interview with Daniel Moczulsky | eToro | FMLS:24
Executive Interview with Daniel Moczulsky, Managing Director UK at eToro at the Finance Magnates London Summit 2024
#fmls #fmls24 #fmevents #RetailTrading #FintechInnovation #nvidia #DigitalAssets #GlobalFinance #globalbanking
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!
Executive Interview with Daniel Moczulsky, Managing Director UK at eToro at the Finance Magnates London Summit 2024
#fmls #fmls24 #fmevents #RetailTrading #FintechInnovation #nvidia #DigitalAssets #GlobalFinance #globalbanking
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!
Executive Interview with Michael Higgins | Hidden Road & ATFX | FMLS:24
Executive Interview with Michael Higgins | Hidden Road & ATFX | FMLS:24
Michael Higgins, the newly appointed International CEO of Hidden Road, shared insights into his expanded role and the evolving landscape of digital assets during an exclusive interview with Yam Yeshosua , Editor-in-Chief of Finance Magnates, at the London Summit (FMLS:24).
Moreover, he revealed Hidden Road’s plans to launch fixed income operations by early 2025, while expanding its multi-asset trading capabilities.
#fmls #fmls24 #fmevents #crypto #digitalassets
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!
Michael Higgins, the newly appointed International CEO of Hidden Road, shared insights into his expanded role and the evolving landscape of digital assets during an exclusive interview with Yam Yeshosua , Editor-in-Chief of Finance Magnates, at the London Summit (FMLS:24).
Moreover, he revealed Hidden Road’s plans to launch fixed income operations by early 2025, while expanding its multi-asset trading capabilities.
#fmls #fmls24 #fmevents #crypto #digitalassets
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!