Implement Single Sign On (SSO)
Our company has clear information security policies and customer obligations to ensure that secure Single Sign-On is implemented for all internal applications.
Our internal third-party application policy requires that all of our vendors support SSO through SAML 2.0 or some other equivalent protocol.
SSO is a critical and core security requirement for all organizations in order for IT and Security teams to be able to effectively manage user accounts across dozens or hundreds of vendors. In the event that an employee leaves the company, it allows the IT team to immediately disable their access to all applications, rather than logging into 100 different user management portals.
This is especially critical for services like Xink that have a direct impact on user email. If Xink wants to take security seriously, this is a critical feature that needs to be prioritized highly.
If Xink is unable to implement this feature, we may not be able to renew our subscription at the end of our contract.
We understand that MFA is supported, and we have that enforced; however, that is not enough to satisfy our client and security policy requirements.
In addition, support for SCIM provisioning alongside SAML 2.0 would be the ideal scenario.
4 people like this idea