CA SSO Review

It enables the business to serve customers through multiple channels without asking the user to register multiple times. Agent configuration can be improved.


Valuable Features

Security to protect digital assets is most valuable to us. For the financial industry, security is a high priority. SSO provides solid security, specifically authentication and protecting digital apps and applications. We can define what we protect.

Federation is valuable as well, using the same security across multiple channels like mobile, e-side and m-side, and web services for partners. We can cover all channels with one security solution.

Improvements to My Organization

It protects business assets and functionality. It enables the business to serve customers through multiple channels without asking the user to register multiple times. Register once and it serves multiple channels. It also helps our security and fraud teams to protect assets and lock compromised accounts. It allows all channels to go through the same rules.

Room for Improvement

We go by agents for authentication; anything relating to agent configuration could be improved, or even agentless security.

Also, reporting on analytics and the health of the system could be improved.

Stability Issues

Very stable. It’s rock solid. As it is serving 100 million requests, it works.

Scalability Issues

It’s very scalable horizontally. We deploy multiple policy servers as we see load increase, and we do have 16 million users.

Customer Service and Technical Support

We have dedicated services, and they’re OK. Whenever we ask the questions, we get documentation and we do place calls. When we place calls, we do get good support. Theoretical questions or subject matter questions are usually answered with documentation and some back and forth. Overall they have been good.

Implementation Team

It was already implemented, but we did migrate to a new data center. The experience was pretty good.

Other Advice

SSO architecture is different from other kinds of application development. Plan up front. Understand the tool, and understand how to configure the tool, which partially depends on LDAP, and how to configure agents to perform.

Understand how you want to protect which assets, and how you want to open asset protection to other channels because it will grow. People will be asking more and more. For us there is no other way when I’m serving that many customers – we have to be fully prepared and plan way ahead.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest

Sign Up with Email