IA-2(10): Single Sign-on

Control Family:

Identification and Authentication

Parent Control:

IA-2: Identification and Authentication (organizational Users)

CSF v1.1 References:

PR.AC-1
PR.AC-6
PR.AC-7

Baselines:

(Not part of any baseline)

Previous Version:

NIST Special Publication 800-53 Revision 4:
IA-2(10): Single Sign-On

Control Statement

Provide a single sign-on capability for [Assignment: organization-defined system accounts and services].

Supplemental Guidance

Single sign-on enables users to log in once and gain access to multiple system resources. Organizations consider the operational efficiencies provided by single sign-on capabilities with the risk introduced by allowing access to multiple systems via a single authentication event. Single sign-on can present opportunities to improve system security, for example by providing the ability to add multi-factor authentication for applications and systems (existing and new) that may not be able to natively support multi-factor authentication.

Control Statement

Supplemental Guidance

Related Controls

Critical Security Controls Version 7.1