Canming Jiang

Re-think your SSO strategy or get left in the Stone Age

A CEO recently told me his company can’t take their solution upmarket without the stronger authentication and single sign-on (SSO) capabilities that Fortune 500 companies need.

Adapting to the wide array of new identity platforms and tools that customers are requesting, he explained, requires too much precious developer time, risking a slower pace of innovation and forcing uncomfortable conversations about pricing models that the market may consider exploitive. (Check out the SSO Wall of Shame, a list of vendors that one GitHub member believes are overcharging for SSO capabilities.)

I challenged the CEO that he needs to be three steps ahead of customers. Just as no one would think of building an HTTP website today when HTTPS is standard, he needs to deliver Burger King-style “have it your way” SSO and other access and provisioning capabilities now because these are going to be table stakes before long.

Login freedom is a must.

Let’s back up a bit. Security risks abound, so implementing the security your customers need can’t be an option, even if they’re not explicitly asking for it today. One thing automotive CEOs Elon Musk and James Farley agree on: Powerful, responsive automotive braking systems are not optional. I believe that we are at this same place now with respect to SSO, and we will be there sooner than you think with tomorrow’s security protocols.

Companies are adopting any number of modern identity platforms – such as Okta, Azure AD and Google – to increase security, enable SSO and multi-factor authentication (MFA), offer better and more productive user experiences and provide visibility into user activity. The complexity of optimizing SaaS software to run in any cloud and support any IAM platform has opened the door to what I believe borders on predatory pricing. Customers should not have to pay double or even triple the standard price for B2B SSO integration because the market has not settled on one IAM winner yet, and it’s too costly to incrementally support what individual customers are using.

Breaches are unfortunately all too common. So whether your customer is a manufacturer, school district or government agency, they either have – or will soon have – a tool to identify and set access privileges for employees, partners, and customers. From the perspective of your sales team, supporting all possible SSO options today is a dream. Doing so is one less detail that can knock your solution out of the qualification process. I would go so far as to say that it should be part of any minimum viable solution.

However, the challenge doesn’t stop at SSO. Companies are constantly looking for new ways to make it easier and safer for users and customers to access applications, which may involve a mix of strategies. The latest trend is social logins.

Zoom is a great example of this, and it’s becoming a must-have feature of B2B applications. As a vendor, you don’t have a crystal ball to see what’s next – and the last thing you want to do is sink costs into constantly responding to the latest access management strategy.

But then again, can you afford not to if your competitors are doing it?

The cost and pricing predicament.

One rosy way to get around the challenge of evolving login strategies is to charge premium fees for SSO and whatever comes next. Mature SaaS vendors can better afford the development costs – including headcount for a couple of extra security experts. And many larger enterprises are more than willing to pay those premium fees because verifying access is essential for security and tools like SSO deliver a more acceptable user experience.

It’s a legitimate approach, but how long until this falls out of favor? Are you pricing yourself out of customers who don’t want to pay the SSO tax? Will hiring development and security resources cut into your already razor-thin margins?

Is “have-it-your-way” SSO a realistic mantra?
