SSO Fees & Taxes: What is it and am I paying for it?
Taliman automates auditing and tracking of all your software subscriptions for free. Securely connect to your company's bank to reveal everything about your software spending — including overcharges, renewals and trials.
What is SSO (Single Sign On) Tax
Single Sign-on (SSO) involves outsourcing the authentication for your site or product to a third-party identity provider like Google, Okta, Azure AD, PingFederate, and so on. It’s when a SaaS vendor allows a client to manage user accounts via their own identity provider without relying on the vendor to secure strong authentication. The client can then create and delete user accounts using a central dashboard across all software apps.
It’s an authentication method allowing users to enter multiple apps and sites using a single set of credentials. When a work environment adopts SSO, employees can log into one app and automatically get signed into other programs no matter the platform, domain, or technology.
The “SSO Tax” is the unofficial word for the practice of software vendors up-charging customers for SSO support. It’s a sneaky kind of upselling that’s harming small and midsized businesses.
What Does It Do?
Single sign-on is a highly technical process behind the scenes, but on the users’ end, the process is pretty straightforward. The user opens an app they want to log in to like Gmail. They input their email address and password. Gmail then sends the data to the client’s Identity Provider.
The client’s Identity Provider sends an authentication request like a one-time password or biometric identification. Once their Identity Provider validates the information, it will confirm with Gmail or the Service Provider, and the user can successfully log into multiple applications. For example, if the user gains access to Gmail, they also get automatic access to other relevant apps such as Adsense, YouTube, Google Analytics, Google Maps, etc.
Again, the example seems simple, but the technical explanation is more complicated than that. There are a lot of standards and protocols involved in this process, such as OAuth, SAML, and OIDC. You can either outsource an IT specialist or rely on an SSO provider to take care of the entire implementation on the back end.
How Does It Benefit Me?
Let’s enumerate all the benefits of SSO, and how it can support businesses of all shapes and sizes.
Easy Identity and Access Management
SSO promotes better identity and access management. It helps IT teams lock down crucial systems and monitor and control user credentials. SSO seamlessly synchronizes user information and passwords to access numerous applications with much ease.
Better Security
SSO also helps reduce the risks of cyber attacks since employees would only have to log on to a secure platform once a day. Each app that requires a unique login is an opportunity for cyber attackers to access sensitive business information, with SSO, it’s like you have built a wall around your sensitive data with only a single front gate. You can also reduce the chances of employees repeating the same passwords across numerous insecure applications. The more login credentials employees need to remember, the more likely they’ll end up using weak passwords, reusing passwords for multiple apps, or storing passwords in a vulnerable way. Although there are password manager tools that can help, they’re still not as safe as SSO.
Streamlined Experience
Users no longer have to think about setting new login credentials for every single application. They only need to remember one set of credentials eliminating a very real phenomenon called password fatigue. The more passwords they need to remember, the more likely they are to engage in time-consuming password resets, which can be downright inefficient.
What’s more, when an employee leaves the organization, without SSO, the IT staff would have to shut down every account manually, which is time-consuming and prone to human error. With an SSO system, one click of a button and the job is done.
Increased Productivity
Since SSO lifts the burden of having to come up with strong credentials for multiple applications, the IT department and employees can save a lot of time and effort. Password-related IT support can also be significantly reduced.
The advantages above make SSO an IT best practice. The next question is, how much does it cost?
Can I Afford It?
Companies should never ignore security, but what if a feature pushes app pricing way past what’s reasonable? In the SaaS world, an “enterprise” plan means “expensive”. That’s why startups and companies on a budget try to ditch enterprise tiers, especially since they don’t actually need a massive stack of features designed for large companies. Unfortunately, many apps offer the SSO feature only to enterprise users. Being an awesome feature, SSO is usually that one additional feature companies need but they have to subscribe to sky-high pricing just to access that one extra function. This sales technique is definitely not friendly to small and mid-sized businesses.
It's not that the SSO system is not worth paying for. It’s just that the price bump is usually at 100% to 500% more. In one unbelievable case, the bump is a whopping 6,300%.
Here are some examples of SaaS companies with overblown price bumps for SSO features:
- Monday.com- 286%
- Clockify- 300%
- Netlify- 421%
- GitHub- 425%
- Airtable- 500%
- JFrog- 613%
- Raygun- 721%
- Mailtrap- 1100%
- ReadMe- 1920%
- Hubspot Marketing- 6300%
Most vendors do not list their enterprise pricing, forcing companies to negotiate their own rates. This reality is sapping the IT budgets of small to mid-sized businesses and could impede their overall growth and agility. The ideal scenario in an ideal world is for vendors to decouple crucial security features like SSO from their pricing packages and bill a surcharge for that one additional feature. That might cost them huge profits, but that would increase customers’ trust and confidence, and better affordability can also still earn them a great deal of revenue scale-wise. We don’t know how things will change in the future, but we do know things should change for the better today.
Want to enjoy SSO-like features for a fraction of the cost? Talisman provides access to provisioning and de-provisioning features that can make your processes more efficient without breaking the bank!