In a world where “Sign in with Google” rules, it feels almost unbelievable that we used to have to remember usernames and passwords for every account or application we touched online. That reality was even more cumbersome for HR and IT administrators, who had to keep a whole company’s worth of usernames, license numbers, passwords, and the like up to date.
The introduction of SSO changed all of that. But times have changed again, and beneath the promise of seamless identity and access management lies a complicated reality many startups and small businesses aren’t ready for. In this blog post, I’ll talk you through how SSO has changed over the years to now encompass much more than many businesses need and why it’s time for an alternative.
SSO historically: a lifesaver
The value of SSO is undeniable and it was met with open arms: Employers could reduce help desk requests about forgotten passwords, saving everyone time. SSO created a strong access point that reduced vulnerabilities by consolidating login credentials and improving overall security. Password fatigue became a thing of the past, ostensibly boosting productivity.
Various SSO providers, like Okta, used a bookmark-like system to locally save passwords for easier logins. This approach, while user-friendly, had terrible inherent security risks. Over time, as technology evolved, application vendors started configuring SSO instances using Security Assertion Markup Language (SAML), an XML-based standard for exchanging authentication and authorization information between different systems. You can think of SAML as basically an additional layer of authentication on top of SSO.
Then Google Workspace and OAuth came along and changed all of that. OAuth, short for Open Authorization, is a standard for access delegation adopted by companies like Google, Amazon, Facebook — anywhere you can “Sign in with ___.” For example, when you use “Sign in with Google,” you are giving Google permission to handle credentials for you without you needing to enter additional credentials or passwords.
SSO today: more than you need
Because it’s so easy to implement, more modern application vendors have adopted “Sign in with Google,” and they don’t charge for it. This has made the need for SAML-based SSO nearly obsolete — especially for startups and SMBs, 70% of which operate on Google Workspace to begin with.
So IAM providers have bucketed functionality like provisioning/deprovisioning and lifecycle workflow into the SSO definition. There’s SAML support, but then you also need Life Cycle Management, API Access Management, Workflows, etc. And the more features, the higher the price tag.
The problem is that these protocols are often intertwined, forcing you to configure SAML, SCIM, and JIT to authenticate and manage users That’s fine for enterprise-level operations where there are resources to implement and manage all of this (and maybe other reasons for using those standards) but when it comes to startups and SMBs, it’s simply overkill.
One of the issues is that IAM providers currently focus on providing a blanket of capability across everything you could do, instead of focusing on everything you need to do now. And, of course, you have to build it all yourself.
It’s time for a new approach to SSO: There has to be an option that sits between either tracking permissions and credentials in a spreadsheet or going all in with an expensive enterprise-level solution.
SSO tomorrow: a task-centric approach
YeshID is a new identity and access management tool built specifically for startups and SMBs working in Google Workspace. Instead of taking an over-comprehensive approach to SSO that may overwhelm customers and inflate costs, we focus on the real tasks that startups and SMBs face today — the stuff you just need to work and to be secure.
We believe in starting with the task in mind and tailoring solutions to meet those specific needs while using foundational best practices that pave the way for scalable and secure operations management as you grow.
- A single dashboard allows you to monitor access requests and IT licenses, and the management of onboard and offboard tasks across all your apps.
- Access levels you can configure by department or function make onboarding and offboarding a breeze.
- Passkeys, based on FIDO standards, offer a secure and streamlined sign-in alternative to passwords. They’re phishing-resistant, simplify account registration, and are compatible across multiple devices, including those in close proximity.
- Transparent pricing means no hidden costs or surprise upsells.
We provide smart defaults that ensure you don’t have to start from scratch or spend valuable resources on re-engineering the digital identity processes. This not only saves time but also ensures companies adopt best practices early, without having to be experts in digital identity.
SSO and you: join us
The SSO landscape isn’t keeping up with the needs of startups and SMBs today. It’s time to move away from complex and costly solutions and embrace simplicity and efficiency.
If this vision of streamlined, low-overhead identity and access management, we invite you to join our Beta. You get early access to YeshID and your experience will help us shape the future of SSO for small businesses. Get more info, and join us today.