As companies come to terms with the sweeping effects of technology in the HR space, they must deal with a few double-edged swords. It is important to offer the modern employee widespread, device-agnostic access to learning and development modules across smartphones, desktops, and tablets. This allows employees to determine their own pace of learning while maintaining consistent and regular connectivity with the company. By 2020, mobile-based learning will be a $70 billion industry.
However, ease-of-access comes with the risk of compromising enterprise security. At a time when cybercrimes are steadily on the rise, the data and other vital product information must be made totally secure and well-protected.
This presents an interesting technical problem to solve, something that we at Sproutlogix looked at while building our Adaptive Learning experience platform. If the content is locked up behind an unassailable LMS or corporate intranet, the employees will not find the enthusiasm to sieve through complex accessibility pathways. And again, if the learning platform is made accessible on the open web through web/mobile platforms, the app needs to be ready for companies that have complex compliance protocols, which constantly change.
SSO integration is the first and most basic step to start securing enterprise applications that work on the open web.
Let’s now look at some of the key factors that make an SSO plugin so important for LMS.
- Determining who gets access to the content
Given that often any learning program can carry sensitive corporate and product data, it’s important to know who can see what, when, and how. For example, once an employee exits, you should ensure he/she cannot log back in. With SSO, transferring authentication responsibilities from a third party right back to the company is possible, placing you in direct control of updating your user database while necessary.
Remember, authorization — the verification of a user and thereby the allowing access — must be managed separately from user authentication — verifying the identity of the user. Certain SSO protocols like SAML can help intersect the two by using key user metadata.
- A single, unified password
The rule for passwords is rather simple: one is always better than two. In fact, research has demonstrated that when asked to stick with a single password, employees tend to select a select a stronger and ‘harder to crack’ option, meaning the content comes with a lower security risk.
SSO ensures the user will apply the exact same credentials to access a number of services, thereby strengthening and reinforcing security levels. If the third party application supports SSO, it is prudent to let them leverage existing user credentials as against the creation of new ones. Also, this makes sure that the password rules for an organization are applicable to the passwords created on the learning platform.
- Eradicating the need to outsource data
Source: Eaton & Assc.
With passwords, the real challenge is to govern confidential user information — the lesser the outsourced data, the more stringent your security mechanism. Whenever a third party application manages any employee data, it means that they can retrieve or even reset these credentials.
What this means, is that not only does your IT team have to work closely with your employees on this, but that they also have to contact the third party LMS service provider. SSO will help the third party use only credentials that are already managed and controlled by you, removing the need for any mandatory support function or dependency.
If we’ve made a convincing argument for SSO and you feel this could actually be a fitting approach towards securing your learning and development content, based on our experience here are our few recommendations for the integration of this feature into your LMS.
- Directory/Federation Services:
- Active Directory
- Windows Azure Active Directory
- Identity & Access Management Server
A Final Word
Mobile content, securing user management, and refining the LMS, are all simplified and made smarter by a single ‘magic bullet’: an SSO plugin.
This is because it will let your IT team work on other strategic tasks, freeing them from grappling with the retrieval of outsourced passwords and insisting that your employees use one, strong password for all their corporate content needs.
In other words, not only is it effective, but it is also pretty pragmatic.
You will feel assured that your content is safe and secure, while your employees enjoy the freedom to access learnings, training, certifications, and other modules, anywhere and anytime, regardless of location or device.