Why Do We Recommend SSO for Smartsheet Login?
Smartsheet's enterprise plan offers increased security with single sign-on (SSO).
SSO also allows users to authenticate themselves to multiple applications using a single set of credentials, making it easier for administrators to add or remove users, reset passwords, and enforce security policies.
Here are some benefits of using SSO with Smartsheet:
Improved security
SSO reduces the risk of unauthorized access to Smartsheet by leveraging the authentication and security measures your organization's identity provider already has in place.This includes features such as multi-factor authentication, strong password policies, and regular password changes.
For example, by restricting logins to Google and disabling logins with email addresses and passwords, you can enforce login policies such as multi-factor authentication.
Improved user experience
Improved user experience: Users do not have to remember multiple credentials for different applications.The user will be able to access her Smartsheet using the same credentials she uses for any other application in her organization.
Safer retirement process
With SSO, the exit process for departing employees is fast and secure.An admin can simultaneously grant or revoke access to Smartsheet and other applications through her organization's identity provider, making the process faster and more secure.
For example, if a Google account is used for SSO, in the case of an employee leaving the company, the employee's Google account will be closed at the time of leaving the company, which will also prevent the employee from accessing the company's Smartsheet. .
This can reduce the exposure of an organization to the risk of information breaches caused by departing employees.
Simplified account management
SSO simplifies user account management for administrators.The admin can manage user access to her Smartsheet through the organization's centralized identity provider, making it easier to add or remove users, reset passwords, and enforce security policies.
Fewer helpdesk requests
Users have fewer passwords to remember and are less likely to forget them and require help desk assistance.This reduces support costs and increases productivity.
Compliance and audit
SSO helps organizations meet various compliance requirements related to user access control and authentication. Centralized logging and reporting through your identity provider can provide a clear audit trail of user activity across multiple applications, including Smartsheet.
Shouldn't an email and password combination work?
Using an email and password combination instead of SSO to log in to Smartsheet introduces some risks and limitations.Some are:
Lack of multi-factor authentication
SSO often offers multi-factor authentication (MFA) as an additional layer of security. Without SSO, users can only log in with an email address and password combination, increasing the risk of unauthorized access.
Possibility of weak passwords
Without strong password policies enforced by SSO, users may choose weak passwords, making it easier for attackers to guess or crack passwords.
Password reuse
Users tend to reuse the same password across multiple applications, increasing the risk of unauthorized access to Smartsheet if the password is leaked elsewhere.
Helpdesk workload
When managing multiple credentials, users are more likely to forget or need to reset their passwords, resulting in more helpdesk calls and lower productivity.
Inefficient account management
Without SSO, admins would have to manage individual user accounts for each application, including Smartsheet.As a result, access control, user provisioning, and deprovisioning can be inconsistent.
Delays and uncertainties in retirement procedures
Without SSO, admins must manually create or delete user accounts in Smartsheet, slowing the exit process and increasing the risk of unauthorized access if accounts aren't deactivated promptly.
Summary
We recommend using SSO with Smartsheet whenever possible to reduce security risks for your organization.But if SSO is not an option, your organization should either enforce a strong password policy or have internal policies requiring only logins with Google, Microsoft, or Apple, and educating users on security best practices.