As businesses continue to deploy more related, yet independent, applications, single-sign on (SSO) authentication becomes more important. SSO provides a single entry point for end users wishing to access multiple applications.
Traditionally, a salesperson trying to access CRM, ERP, calendar, and travel billing applications would have to sign into four different systems. SSO eliminates the need to sign in multiple times by creating an entry point that gives the end user immediate access to all of the applications they have permissions for.
This offers the users, managers, and owners several key benefits:
- Fewer Logins – Logging in doesn’t take much time, but the time does add up and every login presents another chance for errors.
- Reduced IT Calls – With only a single set of credentials to remember, users make fewer calls to IT for password resets or credential recovery.
- Fewer Distractions – As users switch applications, they aren’t distracted by multiple requests for login credentials.
- Easier Access Management – Credentials for multiple applications are handled through a single GUI, making it easier to add or remove user permissions.
- Increased Security – Since they don’t have to remember multiple passwords, it’s easier to get users to create more secure passwords.
Enterprise CRM Vendors and SSO
Since enterprise CRM users tend to use such a wide variety of other applications, it’s not surprising that the top enterprise CRM vendors offer options for SSO. What can be surprising is the variety of SSO options they offer, and the differing methods of enabling and configuring SSO.
Each vendor uses a variety of protocols and standards for establishing SSO authentication. The one you choose will depend on the applications you want to make accessible from a single login page.
Salesforce includes some form of SSO with all of its CRM versions. Using a combination of Security Assertion Markup Language (SAML), Oauth, and OpenID, Salesforce can act as an SSO provider for hundreds of applications.
Salesforce SSO also works with Active Directory Federation Services (AD FS) and .NET framework, allowing it to provide single authentication services to Windows applications. Configuring Salesforce to provide SSO isn’t difficult, and they provide a lot of documentation to help you along the way.
SugarCRM offers SSO using Lightweight Directory Access Protocol (LDAP), Active Directory, and SAML. While the instructions for enabling LDAP and AD SSO are pretty straightforward, SAML can be more difficult. Fortunately, as an open-source product, there are a lot of third-party applications and workarounds to make SAML authentication easier to set up.
The type of authentication you need will depend on the version of Sugar you’re using, and which applications you want to connect with.
Dynamics CRM 2013
Dynamics CRM 2013 offers SSO using Security Token Service (STS) and your Active Directory credentials. Dynamics currently supports Active Directory Federation Services (ADFS), Shibboleth, and certain third-party security token services.
Setting up SSO with Dynamics CRM 2013 isn’t as point-and-click simple as with some other vendors, but is probably worth the effort for companies that are already using other Windows-based applications.
SSO and CRM
CRM isn’t like every other application. Typically, the people who use CRM use it every day, several times a day. While they’ll also use related applications, CRM is their bread and butter. For this reason, SSO is especially beneficial for CRM users. It allows them to quickly and easily access and update CRM information, while also switching seamlessly between other applications.