UNIVERSITY PARK, Pa. — Penn State Information Technology (IT), in partnership with the Office of Information Security (OIS), will transition the University’s single sign-on (SSO) technology behind the WebAccess login service to Azure SSO — a cloud service provided by Microsoft to manage and secure user identities — by July 1, 2021. The upgrade will improve security, reduce risk and maximize the value of the University’s existing contract with Microsoft.
SSO allows Penn State users to log in to WebAccess with a single ID and password. The University’s current technology, CoSign, allows access to more than 700 systems and applications at Penn State.
“While CoSign has served us well over the years, the Azure SSO technology is more robust and resilient in terms of security, and is included in the University’s premium level service offering in our contract with Microsoft, with no additional cost,” said Rich Sparrow, acting chief information security officer and primary sponsor of the Web SSO Modernization Project.
Azure SSO is the same login system Microsoft uses for all their services, including Xbox Live and Office.com, and receives more than 8 billion logins each day. With robust resources, this platform offers 24-7 support and fast recovery from outages. The service also provides enhanced configuration capabilities that improve the University’s risk posture and allows flexible options for better controlling access to Penn State’s protected online services.
“Ensuring that the right people get the right access to the services and systems is a cornerstone of information security,” said Sparrow. “The challenge is that not all applications leveraging WebAccess have the same security requirements. Our legacy system required a one-size-fits-all approach which could be limiting and impact all users. We could not increase security for one application without impacting the user experience for all of them. Azure SSO will allow us to implement authentication security specific to the application’s needs.”
Users accessing web applications as they are upgraded from CoSign to Azure SSO won’t need to worry about any disruption. The WebAccess login screen may appear slightly different next summer, but its functionality will remain the same: users will only need to input their user ID and password. The Two-Factor Authentication prompt will remain the same.
As the Web SSO Modernization Project moves forward, members of the project team will be reaching out to IT unit leads to begin the onboarding process. More information can be found at the Penn State Web SSO information and documentation site.