- Passwords are stolen and hacked because they are sometimes stored in clear-text form. So please do not store passwords in clear in a Database. It is advised that passwords be stored hashed and encrypted. It is preferred that passwords be stored in directories. Any LDAP standard based directory is a good choice. Microsoft Active Directory and OpenLDAP are quite popular.
- Passwords are stolen and hacked because your users are creating multiple accounts on multiple external Websites and Apps. So each user now has multiple passwords, and each password is stored at a remote vendor site, outside of the IT Department’s control. Also, it is not clear how these passwords are stored and secured by the vendor, and who within the vendor’s organization has access to such password databases.
- It is recommended that you unify user passwords from multiple sources into one or more repositories of passwords and user identity data that are always in your control and supervision. You can use a wide variety of off-the-shelf identity integration software tools to unify passwords and user identity data into one or more repositories. This eliminates password proliferation.
- Adopt open-standards compliant secure federated single sign-on to enable single password based access for users to Apps. Federated single sign-on eliminates the need to share user passwords with Apps and Websites. Open-source Shibboleth SAML based SSO solution is best for such deployments since Shibboleth has been tested and reviewed openly by security experts world-wide for over 15 years. Shibboleth is vastly superior to any commercial alternative in terms of security, reliability, standards-compliance and robustness.
- Adoption of federated single-sign (SSO) will make sure that your User passwords will no longer leave your enterprise Active Directory (LDAP) that is under your control in the IT Department. Therefore, External App Vendors and the Apps will no longer have access to User passwords. Huge improvement in password security.
Flat-fee Cloud-hosted and Managed SSO Service.
As you know Cloud Computing has taken off in a big way, growing by double/triple digits in some markets. Cloud Computing continues to be adopted by the IT departments as an extension to their existing data centers. 9STAR has taken the lead in revolutionizing the Shibboleth SSO technology by adapting it for the Cloud. Now you can easily provision and host your SSO Identity Provider Service in the Cloud and let 9STAR experts handle the technical complexities of Shibboleth, SAML, CAS and ADFS SSO standards. This is a great way to introduce federated SSO within your organization for your staff and users, without incurring heavy cost burden and risks.
Here are some highlights of the Elastic SSO Enterprise Cloud Service offering:
- Hosted SSO service in the Cloud in your local region, and managed by 9STAR.
- SSO Identity Provider service fully compatible with the Shibboleth, SAML, CAS and ADFS SSO standards.
- Integrates with existing Active Directory/LDAP authentication store.
- Multi-factor authentication.
- Integrates with thousands of enterprise Apps.
- Flat-fee pricing, unlimited users.
- Hassle-free, automatic updates, upgrades, support and maintenance.
- No need to purchase and manage machines, software, hardware, network,….
- No need to hire expert staff to manage SSO IT infrastructure.
- Improved privacy, security and compliance.
- 24X7 uptime SLA.
For more information or questions about this offering, please do not hesitate to contact us via email, phone or by submitting an online inquiry.
Learn Why World’s Top Businesses, Universities, Colleges and Public Sector Organizations Have Already Adopted Shibboleth SSO IT Security.
- Shibboleth is the most widely-deployed, open source and open standards SAML Single Sign-On (SSO) IT security middleware.
- Shibboleth has been around for over 15+ years, and was originally developed by the United Stated National Science Foundation and Internet2.
- Shibboleth plugs into existing identity management and authentication systems such as Active Directory, CAS, LDAP, SQL, NTLM, Kerberos, SPNEGO, and others. This lowers the barriers to adoption.
- Shibboleth provides login access security for applications (Service Provider or SP) as well as passwords (Identity Provider). One login password for each user gives the user access to all apps without sharing user credentials with the apps (or the app vendors).
- Shibboleth inter-operates with popular SSO middleware such as Microsoft ADFS and CAS. So customers are able to depoly end-2-end federated SSO that works across all enterprise Apps.
- Shibboleth is most robust PKI trust based security middleware. It has been tested for more than 15+ years by organizations and communities around the world. It is not a black box technology that is dependent on any one vendor.
- Shibboleth is the most complete SAML SSO security middleware and inter-operates with thousands of enterprise and campus applications.
- Shibboleth does not require any user-training or installation of any software on user’s desktop. One Shibboleth is deployed, everything works as before except users input their passwords only once while accessing different applications. So great UX for end-users.
- Shibboleth is widely adopted in markets such as Public Sector, Telecom, Healthcare, Higher Education, K-12, Finance, Insurance, Automotive, Retail, E-Commerce, and others.
- Shibboleth has been commercially supported by 9STAR for over 15+ years. 9STAR provides fixed cost, enterprise-grade, commercial solutions, support and services to Shibboleth customers worldwide.
Here is how a leading CIO at a major University recently summed up why Higher-Education and Public Sector IT Departments should adopt Shibboleth over any other alternative?
NO commercial (non-Shibboleth) product supports EDU identity federation frameworks. I know some campuses that have walked away from the Ellucian and other competitive products because, while they support SAML, they do NOT support SAML as used with the worldwide higher education community. With fifteen years of experience with SAML, the Higher Ed community has developed a set of “deployable practices” that go beyond the basic protocol and significantly simplify the process of managing the use of SAML.
Leading the Shibboleth SSO IT Security Revolution. Low Cost, High ROI.
Currently, many IT departments from different Industries have expressed interest in expanding their network IT infrastructure to include federated single sign-on (SSO). At 9STAR, we specializes in delivering enterprise-grade end-2-end federated SSO software solutions. We have been deploying our SSO solution for 15+ years and therefore are able to deal with most complex enterprise IT environments without delays or experimentation.
We deliver our solutions on a fixed-price basis, allowing our clients to control costs year after year. As you may know, Shibboleth is the most widely-deployed, tested, open-source, and open-standards compliant secure SSO middleware in the world. It was originally developed by the United States National Science Foundation and Internet2. 9STAR leverages its Shibboleth based Elastic SSO Software to deliver an end-2-end, turnkey, SSO software solution that leverages your existing investments in Microsoft Active Directory/LDAP, Microsoft ADFS and CAS authentication infrastructure.
Our Elastic SSO software solution is widely deployed in government, education, healthcare, financial, semiconductor and energy sectors. Our solutions enable secure federated SSO access across hundreds of enterprise applications including Microsoft Office 365, Google Apps, O365, ServiceNow, Salesforce, WorkDay, SharePoint, and many other industry specific apps.
So don’t wait until there is a crisis in your SSO/IT project. Act now, and collaborate with our world-class IT experts who are ready to provide your IT team with a steady hand and expert guidance. We deliver our solutions on-time and within budget. Our clients have been extremely satisfied with the support and maintenance we provide to their in-house SSO IT systems and projects. Our years of solid experience make for a quick turnaround in SSO deployment and resolving issues, resulting in a highly satisfied customer base.
Whether you need Annual Support for your existing Shibboleth/SAML/ADFS SSO systems, or are looking to upgrade and update, 9STAR is here to make your transition simple, quick, and affordable with zero downtime.
If you have any upcoming federated SSO IT project that may need additional support or expert guidance, then look no further, and Contact us for a free complimentary quote or simply send us email at email@example.com. We look forward to collaborating with you soon.
SSO Advisory Team
Elastic SSO Team is an Identity Provider cloud software that provides SAML standards based Single Sign On (SSO) as well as user account and credential management (IDM – Identity Management) capabilities. Customers can provision unlimited user accounts on-demand over the Web and enable SSO access to unlimited number of Apps, all for a flat-fee. Elastic SSO Team can be purchased directly from Amazon AWS Marketplace. Once purchased, the SSO instances are then provisioned in Customer’s personal/corporate AWS account in one of many AWS data-centers worldwide. Customer has complete and exclusive control over the SSO instance and the associated user data (including credentials). The SSO instance can be configured, customized and self-managed by Customers over the Web. Step by step documentation for configuring Elastic SSO Team instances is available online. Read more…
Elastic SSO Enterprise is an Identity Provider software solution that can be deployed anywhere on any Virtual Machine (VM). So it can be deployed either on-premises or in the Cloud. Elastic SSO Enterprise enables Shibboleth, SAML2 and CAS based SSO and leverages Customer’s existing user authentication system, such as Microsoft Active Directory, LDAP, SQL,… for SSO access to Apps. The product is sold, deployed and supported by 9STAR. Read more…
For additional information or price quote, please contact firstname.lastname@example.org or +1.888.999.8934.