IA-2(10): Single Sign-On

Control Family:

Identification And Authentication

Parent Control:

IA-2: Identification And Authentication (Organizational Users)

Priority:

P1: Implement P1 security controls first.

CSF v1.1 References:

PR.AC-1
PR.AC-6
PR.AC-7

Baselines:

(Not part of any baseline)

Next Version:

NIST Special Publication 800-53 Revision 5:
IA-2(10): Single Sign-on

Control Statement

The information system provides a single sign-on capability for [Assignment: organization-defined information system accounts and services].

Supplemental Guidance

Single sign-on enables users to log in once and gain access to multiple information system resources. Organizations consider the operational efficiencies provided by single sign-on capabilities with the increased risk from disclosures of single authenticators providing access to multiple system resources.

Control Statement

Supplemental Guidance

Related Controls

Critical Security Controls Version 7.1