Preparing a business case in single sign on is best done by an experienced SSO consultant since they can quickly do a cost benefit analysis for you and include in the costs realistic implementation costs versus those told to you by the vendors. There are a number of areas where the SSO business case can be made.
Oftentimes, most of the costs associated with a single sign on project can be recovered by hard dollar savings involving the reduction of help desk employees. In many enterprises password reset and password related calls occupy 40-70% of the help desk's work. By implementing a single sign on system the following can usually be achieved:
SSO eliminates most of the help desk work and costs related to password resets and management.
Part of the Sarbanes-Oxley regulations has to do with ensuring
that senior executives know who is on their financial systems.
Additionally, many industries, such as financial, have regulators
wanting to ensure that users are quickly taken off financial systems
when their role changes or the user is terminated.
A single sign on system can help enforce the user role changes and automatically prepare regulatory reports. The business case is made by showing how a SSO system can reduce regulatory reporting costs and demonstrate compliance.
Cost savings can be delivered for the management of external users coming into the enterprise systems. Thus if your enterprise has many external contractors, business partners, vendors, customers, etc, accessing your applications, there is a cost associated with:
A business case can be made by showing how enterprises can offload these costs to trusted partners. The enterprise will therefore accept certain users whose identities are created by the partner, their roles assigned by the partner and the authentication at the partner's own site will be trusted by the federated authentication and single sign on system.
Many enterprise use only ids and passwords to authenticate their users. By deploying an enterprise single sign on system the following enterprise security benefits can be obtained:
Sign On Authentication Access
Control Authentication Authentication-Enterprise
Authentication Management User Authentication Authentication Federation Biometric Authentication PKI Authentication Token Authentication Wireless Authentication Document Authentication Authentication - Outsourcing