Expand +



Is Single Sign-On compromising your data integrity?

by Thomas Tsan

June 11, 2010

IT security continues to be a challenge for many companies especially during the tough economic conditions.  In January of 2010, a hacker managed to steal the source code to Google's Single Sign-on (SSO).  It all began when a Google employee in China clicked on a poisoned URL that was sent via Microsoft Live Messenger.

Due to ever-changing technology, companies are now faced with an increased risk of hackers and/or disgruntled employees compromising User IDs that have access to intellectual property and sensitive SAP data. 

As companies are implementing or contemplating on purchasing SSO to reduce costs, they are faced the same delinma as Google.  To mitigate this risk, companies can implement a 2-Factor authentications such as smart card and/or biometrics to protect access to any critical system or data.  For example, when Jane Smith approves a $200K invoice payment in SAP, she would be required to have a smartcard inserted or input her fingerprint for a biometric authentication.  This effectively eliminates various hacking techniques such as Password Cracker Software or Shoulder Surfing to steal Jane's password.

bioLock - is the only SAP Certifed Biometric solution that enables clients to protect transactions, fields and data within the SAP system. 

For more information, please visit


SAP Security & Compliance Architect


An email has been sent to:

More from SAPinsider


Please log in to post a comment.

No comments have been submitted on this article. Be the first to comment!