Cisco SSO makes Cisco IT environments more userfriendly and secure in the current challenge with the sheer number of identities, user names and passwords everyone has to remember. In this blog we will show the overall SSO business benefit but we will also explain how we can complement the basic Cisco SSO with a specific SSO solution for Cisco desktop telephones in hybrid flex-office environments.
In the ‘traditional on-premises era’, organizations had a central business server and employees usually only had to remember one identity to access business information. Now mobile/hybrid working has become mainstream, many employees have a work PC, laptop, tablet and access to multiple remote applications, all with their own secure login. Evolution to client and server applications and use of the Internet through multiple devices has dramatically increased the number of credentials users have to remember. Keeping track of passwords and system identities within the workplace has therefore become a constant challenge.
IT managers are also struggling with password headaches, with a need to reduce the help desk costs associated with forgotten usernames and passwords and security challenge that come from staff writing down their passwords on pieces of paper placed in drawers, or on Post-It notes attached to computer screens. There is also an issue to secure, control, and audit the passwords associated with privileged accounts.
As a result, Single sign-on (SSO) has become the nirvana for the modern business. Single sign-on (SSO) is an identification method where users can access multiple applications and websites with one set of login credentials. SSO eases password management and improves security as workers access applications that are on-premises as well as in the cloud. The advantages of using single sign-on include:
• Improves security by enabling users to have just one sign-in, avoiding ‘password Post-Its’
• Reduces user time spent re-entering passwords for the same identity with one log-in
• Reduces IT costs due to lower number of IT help desk calls about passwords
SSO uses centralised authentication servers that all other applications and systems utilise for authentication purposes, and combines this with techniques to ensure that users do not have to actively enter their credentials more than once. Different applications and resources support different authentication mechanisms. This means that creating a single sign-on solution is not simple, as it has to internally translate and store different credentials compared to what is used for initial user authentication.
Current SSO solutions also have limitations. Typical SSO solutions support interfaces to the vast majority of Cisco systems and other applications, as well as other remote applications. However, automatic logging into a Cisco desk phone is not supported. Cisco supports mobility for desk phone user via the so called Extension Mobility feature. People can log into a desk phone and uploads their personal contacts and settings. Unfortunately, an Extension Mobility user has to log in with a username and PIN, which makes it a cumbersome procedure. As a consequence people often don’t login at all or – if they do log in – they don’t log out after their session. So, either incoming calls remain unanswered or phones are left open for unauthorized calls.
This problem can be solved by a number of RSconnect solutions. Using the Active Login Manager, the EM login will be done automatically if the user opens their laptop. Another option is the Active Login App which allows one-click logging in via a QR code. And finally, the CUCM EM feature can be integrated with flex-office reservation software via our Business Connector. In any of the solutions, it is not necessary anymore to to enter a Username and PIN at your IP phone device. Essentially, all solutions offer a kind of SSO connector for Cisco desk phones.