How Single Sign-On Makes End Users Happier

Single sign-on (SSO) systems are often introduced to improve IT security and simplify management and auditing. But we shouldn't lose sight of one of their principle benefits: making it faster for people to sign in and thus keeping everyone happier.

St Vincents Health Melbourne has spent two years rolling out its Quick Connect project which allows staff to instantly sign into any of 600 computer systems located throughout its facilities by tapping a proximity-based identity card on a reader. That sign-in process logs the user back into their own desktop, and automatically authorises them for any relevant apps. The system is managed by Cisco's Unified Computing System (UCS) and uses Microsoft's Remote Desktop Services (RDS).

That represented a major improvement on the previous system, which had extremely slow log-on and log-off times. "Typically when you have a number of nursing staff, it can take up to five minutes to log someone off," said IT strategy manager Paul Gladwell. "Because there was such a stigma attached to their slowness, there was a reluctance to sue them. It could typically take three to five minutes to just get onto a computer, and then they'd have to load their applications."

As well as keeping users happier, the SSO system also improves audit trails. Previously, staff would often enter data using another colleague's log-in, to save the hassle of logging back in. "We had a major problem with credential sharing," Gladwell said.

One challenge with the project: persuading people to organise replacing their existing magnetic swipe identity cards with the new proximity version. St Vincents solved that by running an iPad giveaway for staff members who switched to the updated card.

With that hurdle overcome, adoption was speedy. "It was pretty fast," Gladwell said. "Normally you hear nothing when you roll out something new, and you think that's a good thing. When you do hear it's normally complaints, but we're actually hearing a lot of positive feedback because people were so happy. Once they log on at the beginning of the day, they just tap on and log off as they need to."

The popularity of the SSO approach has even extended to deskbound staff. "We've had further demand for that system, even from people who have 1:1 relationship with their machine," said CIO Simon Richardson.

The big lesson? SSO can be a pain to implement, but the chances are good it will improve utilisation if you do it correctly.

Disclosure: Angus Kidman visited Melbourne as a guest of Cisco.


    So what if you're working out of the office? Do you get an extension cord?

      same as always: equip the laptop with a smartcard reader. Windows has had the ability to sign on to terminal servers with a smartcard for a while now and it performs fairly well over low bandwidth connections.

      If you mean 'what do you do when you have no internet' the answer is mobile broadband.

    So what happens when someone has an RFID reader and bumps past them, Presuming that they are using RFID (but this could be true of any technology)? Something as simple as a smart phone can read the data very quickly e.g. SGS III

    they're such a low power signal that someone would have to physically touch the card with a reader.
    We have similar cards at my work that have a rolling code, so in the event that someone did clone my card, it'd be useless after I had logged back in again using my own card.

    We also have a physical password we have to type in to authenticate the login, though it's not unheard of to operate without one. The risk is there, the trick is to educate the users into minimizing it, much like they would if they physically lost their card.

    "there was a reluctance to sue them"
    I say take them for every cent they have!

    or is it supposed to say "use"?

      Nah - I think it is supposed to be sue. I can imagine there was some hesitation in suing the computers..

Join the discussion!

Trending Stories Right Now