In this blog post, we will discuss the benefits of deploying Federated Identity with Office 365. We’ll start though by explaining what federated identity is.
Federated identity is where a third party identity service vouches for the authenticity of your users – usually by confirming they’ve entered the correct username and password. This third party federation service sits in between your organisation (and users) and all your applications. Because of where it operates, it is sometimes referred to as ‘middleware’.
Federated identity enables users to use their existing Active Directory credentials to get seamless access to Office 365. The Active Directory stores and controls the password policy. Users are authenticated via on-premises Active Directory services by establishing a Federation Trust between the on-premises Active Directory and Office 365.
Benefits of Federated Identity
With the rise of applications and devices, users have to create numerous login credentials for each of the applications they have to use. It is difficult and counterproductive for users to have to remember all their usernames and passwords. This results in IT teams having to spend a lot of time helping users resolve login issues. From an IT administrator’s perspective managing multiple user identities across different applications and controlling who is granted access to which application is extremely time consuming.
With Federated Identity, single sign-on can be implemented using existing Active Directory credentials. A Federated Identity sign-in model facilitates true single sign-on (SSO) allowing users to have the same password for on-premises and cloud applications, such as Office 365 and other third party cloud applications. Once users sign in to their domain-joined computers, connected to the Active Directory domain, they do not need to re-enter their password when connecting to Office 365.
Single Sign On provides seamless access to applications, making the IT user experience quicker, simpler and more convenient.
Reduced Security Risks
With Federated Identity, you can keep the authentication process within your on-premises Active Directory, enabling increased security. Using this model, you don’t have to synchronise password hashes in the cloud Azure Active Directory. Your password policy is stored on-premises, behind your firewall.
In the absence of single sign on, users are expected to create their login for these cloud applications. Multiple login credentials expose your organisation to various risks, including the potential use of easy-to-crack passwords by users. Managing a single set of credentials provide convenience to employees and IT admins and helps in creating a strong, single password.
Increased Organisational Productivity
Organisations can experience a decrease in productivity if they have to deal constantly with multiple application logins, re-entering passwords and helpdesk calls for password resets. This is also a potential increase in administrative overhead which can largely offset the benefits of switching to cloud-based applications. Federated single sign on can simplify the log in process improving organisational productivity.
To find out more about federating Office 365, or any other application in your organisation, visit our single sign on page.