January 12, 2021

SSO or MFA for SaaS Apps

We got into a debate today regarding the value of implementing MFA or SSO for SaaS apps in a corporate environment. Half the group argued for MFA and half argued for SSO as the more secure option. The argument for SSO goes like this: We already have MFA enabled for Azure AD, so by default, if you sign into a SaaS app on a non-corporate device, you will be prompted to use whichever MFA option you have set up. If you sign into the SaaS app on a corporate computer, MFA exists as well (something you own: computer, something you know: computer password). And then obviously you get the added benefit of ensuring that only active users in AD have access at all. The real question is, does a corporate device (computer) act as the 2nd factor for MFA when using SSO in this context?
