5 ways single sign-on improves your web agency and increases Joomla website security
Balancing the access to and security of online resources is a critical feature of any successful web development agency.
However, many agencies struggle to make and enforce security policies that protect their own resources and that of third-party clients.
Individual and group-based password managers have done a lot to address these issues and thus improve web server and website security.
However, one area that continues to cause trouble and reduce productivity is managing secure access to websites by agency staff and contractors.
Single sign-on or SSO presents an opportunity to greatly improve this area by providing a centrally-managed authentication hub from which to manage site access.
Below you’ll find 5 ways that SSO can improve the productivity of your agency and keep your websites more secure.
1. Easily reset passwords across all sites at once.
One of the most tedious tasks of any web agency is resetting passwords across tens or hundreds of websites.
With SSO, website passwords are managed in one location. Updating the password centrally propagates the change to all the SSO-enabled websites automatically.
2. Update email addresses everywhere.
Email addresses change less frequently than passwords, but changes can be more common in agencies that rely on role-based user credentials.
Changing email addresses might also be necessary when migrating to modern help desks and project management services that prefer unique email accounts to monitor.
Updating email addresses is similarly tedious when you are managing more than a couple of websites. Again, SSO trivializes this task.
3. Reduce password fatigue.
While a number of browser extensions make it easy to generate and manage a great many unique passwords, password fatigue can still set in.
SSO simplifies this by managing one common set of credentials for accessing all of your websites.
4. Ban group passwords from your agency.
It is distressingly common to come across agencies that use a single user account for all their staff.
Not only does this greatly increase the chance of a password falling into the wrong hands accidentally, it prevents any level of accountability for what happens on the site.
And if a team member leaves your agency suddenly, you must urgently disable or modify the shared credentials which reduces productivity as new credentials are generated and re-shared.
By using SSO, it is trivial to add a user account with the appropriate privileges for each member of your team.
Now if a person leaves your agency, it is quick and easy to reset the password for a single SSO user account without affecting the other users in your organization.
5. Develop and maintain a strong security policy.
Let’s face it: if you build websites for a living, eventually one will be hacked. And if you are an agency with many clients, you’ll likely have to explain to a client what went wrong.
Unfortunately, it’s not always clear what caused a security lapse. In these cases, it is very important to be able to walk your client through your security policy to illustrate how careful you are when accessing their resources and sharing their website passwords.
All good security policies will clearly outline how sites are accessed and how often passwords are changed. How minimum password strengths are enforced and how site activity is logged on a per-user basis are also common.
Not only does such a security policy lead to more secure websites, but it can also help retain a customer if disaster strikes.
Including SSO-based workflows in your security policy that schedule password resets and obsolete user removal — to delete former team members and contractors for example — is the professional and responsible choice for all web agencies.
SSO to improve Joomla website security
The Joomla content management system is not unique in its need for central user management. Thus, SSO can improve Joomla website security for all the reason described above.
If you’d like to implement SSO at your Joomla agency, have a look at our SSO plugin where users can be managed directly from the Watchful dashboard.