When your employees access the internet using single sign on authentication they are not required to enter in a user name or password. This is because the same user name and password used to log into the computer is stored and retained for authentication with all of their other resources and applications. The issue with using a single user name and password is it lacks security. Anyone can open the employee’s internet browser and access websites and other online applications, as long as the computer is signed onto your network.
Use Two Factor Authentication in Place of Single Sign on Authentication to Limit Online Access
In order to restrict access to the internet and your online applications you should consider adding two factor authentication in place of single sign on authentication. With two factor authentication, you have the ability to control user access to the internet, as well as online applications. For example, one of your employees may need access to an online application, but does not require the internet for their job. By using two factor authentication, you can limit this employee’s access to the single application.