

petarb | 1 year ago

Use SSO when possible and fall back to 1pass vaults when SSO isn’t possible


ajb | 1 year ago

This is the right answer for internal threats, because having each employee have their own login to services means they are auditable. However, it does mean you need to think carefully about the SPOF issue (single point of failure), especially if your SSO is Google or some other company with a habit of pulling the plug without recourse.

Domain registry, password management and SSO are services which can kill your entire company if you lose access. The other option is to deploy your own SSO as a service, but that does run into the issue of potentially running a security critical service without having sufficient chops internally to keep it secure.