Navigate

IA-2(10)

IA-2(10): Single Sign-on

Provide a single sign-on capability for [system accounts and services for which a single sign-on capability must be provided are defined;].

Supplemental

Single sign-on enables users to log in once and gain access to multiple system resources. Organizations consider the operational efficiencies provided by single sign-on capabilities with the risk introduced by allowing access to multiple systems via a single authentication event. Single sign-on can present opportunities to improve system security, for example by providing the ability to add multi-factor authentication for applications and systems (existing and new) that may not be able to natively support multi-factor authentication.

CIA Levels
Confidentiality	unknown
Integrity	unknown
Availability	unknown

Overlays
None

CSF Categories
None

Related Controls

The controls below (if any) were marked by NIST as being related to IA-2(10).

Control	Description
No controls

Enhancements

The controls below (if any) add on to the requirements of IA-2(10).

Control	Description
No controls

Related CCIs

The CCIs below are tied to IA-2(10).

CCI	Definition
CCI-001943	Defines the system accounts for which single sign-on capability will be provided.
CCI-001944	Defines the system services for which single sign-on capability will be provided.
CCI-001945	Provide a single sign-on capability for organization-defined system accounts.
CCI-001946	Provide a single sign-on capability for organization-defined system services.