Reply to post: I take issue with this part...

Block claims ex-employee downloaded customer data after leaving firm

The Indomitable Gall

I take issue with this part...

" Historically an employee would have a single account in a central authentication server like Microsoft's Active Directory that would give them access to networks and applications. When the employee left the company, all that was needed was disabling or deleting that single account.

"Today, however, an organization may have dozens of SaaS solutions in use, many with stand-alone authentication systems not tied to the company's internal authentication database," Clements told The Register. "

Historically, you'd have umpteen passwords and logins because most of the systems wouldn't connect to AD.

We're now entering a world of SSO, where almost everything can be authenticated with a single Microsoft or Google ID.

The danger isn't that we're increasing the number of logins, but that as the number of logins decrease, we're liable to get blasé and assume that one click kills all logins, when it doesn't.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon