It is critical to implement the right cybersecurity solutions for your organization. Learn why higher education institutions should use single sign off.
You’re also likely well aware that cyberattacks are a constant threat to higher education institutions. A study issued by the EDUCAUSE Center for Analysis and Research (ECAR) reports that 562 data breaches took place at 324 higher education institutions from 2005 to 2014. Those breaches represent about 15.5 million records. A second ECAR report indicates that although data loss prevention systems did not stop breaches from occurring on campuses, in 17 of 22 cases, such systems were not meaningfully deployed.
Breaches cost your institution dearly. According to the Ponemon Institute, in 2017, every lost or stolen record cost educational institutions an average of $246. Costs can be real, such as those related to investigating and remedying a breach; they can also be less tangible, such as those related to mitigating a public relations fallout
Avoid these negative statistics by using single sign off. Institute a robust system that protects users and their data from log on through log off.
Why You Should Use Single Sign Off
Logging off is exactly our focus here. Let’s assume you have implemented a portal and that you wisely have implemented Single Sign-On (SSO) as part of it. You’re aware that its benefits include reduced load on your help desk, customer ease of use and improving your compliance and security capabilities.
Your portal should include another step that relates directly to your SSO. If you have a Single Sign On, it follows that you should also have a Single Sign Off. Single Sign Off, also known as Universal Log Out or Universal Log Off, is critical to your institution’s security and provides a bookend for your sign-on protocol. If you do not already use Universal Log Out, keep reading, and prepare to ask your provider about it sooner rather than later.
Protect Users from Themselves
As you may know, Universal Log Out terminates access to multiple software systems – automatically signing users out of your portal. Using it secures users’ session integrity and session termination. It takes care of what users assume is already being taken care of – the key word here is assume, which we all understand is precisely the word one does not want associated with security matters.
Implementing a Universal Log Out addresses the risks associated with open sessions, improving both usability and security. It automatically logs out a user if a login session has been inactive for a length of time.
By instituting Universal Log Out, you are protecting users from themselves, in a way – think about all the times that you have stepped away from your computer monitor and neglected to log out of an app (yes, even IT professionals forget). Single sign off does it for you, prohibiting other users from accessing the system without verifying their credentials. It ensures that user access and credentials remain safe after the login session.
Mitigate SSO Risks
By now, you understand that Universal Log Out helps you mitigate some of the risks associated with a modern SSO landscape. These are risks that attackers are well aware of, so you must stay ahead of them. By instituting a Universal Log Out, you can be sure that your service performs a log out, including terminating session cookies for open services when an IdP session is terminated.
Don’t overlook this potentially huge security risk any longer. Speak with your authentication provider about single sign off today.