CA SSO Benefits

Sr. Manager at Duroob
If I describe what actually happened, a little bit of the business case, that will help you to understand what it was like. The customer is the kind of customer that really doesn't want to share anything. When a person joins that organization, he has to pass through a couple of security levels, the scrutiny, before the ID is given to him. They used to use a manual process. Whenever a person joined the organization, they used to take his details; they used to write on a piece of paper; then this paper used to go to one of the departments; then it goes to another department; and so on. It wasn’t just a matter of going from one building to another; it was going from region to region. Finally, this paper goes through a couple of scrutiny procedures. Then, it used to come back to the IT department, and finally, they do their security check and they create the ID and give it to them in an envelope. That was a kind of long procedure that sometimes took 2-4 months to create the ID; just an ID for a person. It was a challenge for the customer for the last 20 years. We were doing that project and during that project, we found that the project owner wasn’t trusted. The project sponsor wasn’t trusted to just change this overall but they had this security constraint. What they actually wanted was that when they create the ID, they want this person to be authenticated. Generally, this is not the case in any organization, that somebody joins an office and he doesn't have any ID. So, how are you going to authenticate it? What happened was that what we've been told, “Will you guys do this? Authenticate through a national database? We want, when a person is going to join us and he will request an ID, he should be authenticated through a biometric and that fingerprint will take him to the national database, where he will check in and it will come back to their IDP, their identity provider. They have it internally, and then, we will pass it through our system.” Now, this was a challenge because in CA Identity Management, when you have a self-user registration page, this page was open so anybody could go and open it. We needed to protect that page, and on top of that, this information had to be protected to a third party. What we did is, we brought a couple of products in the middle of it: CA Federation, CA Single Sign-On, and CA Identity Management. What happened when the user got authenticated with his fingerprint, it comes to the IDP, we have federation through CA Federation and then, once it passes through it, we have CA SSO, which is protecting the identity management page. Once it gets past this information, it comes to the self-user registration page, but here's another challenge: You've been authenticated but now you have a page which is open. I can authenticate myself and put someone else through the system. That could be a possibility, so we had a problem. What we did is, we just pulled the data out from the third-party, national database and brought them to the CA identity page, to the self-user registration page, and all his names, IDs, and phone numbers, come in automatically. Then, it goes through several approval processes. Finally, the ID is transmitted over his mobile number that is in the national database. That kind of work we have done. There are other challenges, as well. View full review »
Manager with 10,001+ employees
It keeps our members safe, that's a benefit for us. It's important. View full review »
Security Engineer at a financial services firm with 10,001+ employees
People do not have to remember 35 to 40 usernames and passwords. They have a link to go to their page that they need to work on, and it is there. It knows it is them. If we lose an employee, they no longer can sign in from anywhere in the world, they are immediately gone. View full review »
Find out what your peers are saying about CA (A Broadcom Company), IBM, Auth0 and others in Single Sign-On (SSO). Updated: November 2019.
382,892 professionals have used our research since 2012.
Anil Gaddi
Security Architect at Raymond James Financial, Inc.
I think Single Sign-On helps a lot. If you look at our organization, and really all financial institutions, we have a lot of legacy apps. So it really helps to get Single Sign-On. View full review »
Maurice Shorrosh
Technology Director at a financial services firm with 10,001+ employees
It has definitely made things easier. We do not have to do that development. It is an out-of-the-box product which does the thing it does best. View full review »
Amlan Sahoo
Systems-Engineer at a tech services company with 10,001+ employees
The product was just for client demo purposes. There was no deployment onsite. View full review »
Syed Aamer
IT Security Consultant at NIC KSA
It has considerably reduced the amount of time that new users would take to join into the organization. Previously, it was a lengthy, manual process because it's a very secure environment, where they need to verify the user before they can actually grant him a user-ID and password. Integrating with the built-in custom application, and exposing CA Single Sign On to the internet, we were able to get the employees onboard. The time that we gained was: previously it would generally take from four to eight weeks for each employee, we brought it to one to two days. View full review »
Site Minder Admin at a construction company with 501-1,000 employees
It's more efficient. We're providing immense security to the applications, to Chase. We're securing 70 million customers in Chase. View full review »
Find out what your peers are saying about CA (A Broadcom Company), IBM, Auth0 and others in Single Sign-On (SSO). Updated: November 2019.
382,892 professionals have used our research since 2012.
Sign Up with Email