Meet the Design Team
By Jo PettyJun 29th
At Brandwatch, we understand the importance of security. That’s why we take every measure possible to keep our systems and data secure, from offering users advanced permissions features to housing our data in super secure data centres.
It’s also why we’re happy to announce today that SSO (single sign-on) is now available, for those who need an extra level of security and control.
Single sign-on allows you complete control over the authentication and authorisation of users who access the Brandwatch Analytics platform.
It’s a session/user authentication process that permits a user to enter one name and password in order to access multiple applications, meaning that your users can log in using your own systems, removing the need for another set of login details to access Brandwatch.
That means Brandwatch will only grant access to users that the client has authenticated, giving them complete control over the authorisation of users’ access the platform.
As well as added security and control, SSO also has other benefits:
The most common reason we see SSO requested is for security purposes – it’s a great way of controlling who is authorised to use Brandwatch within your company, and SAML in particular means you can lock down all other ways of accessing Brandwatch, giving you complete control.
This also means you can control your own security measures and reduce password fatigue – as users will be logging in using their login for your internal systems, you can control the requirements for the password, how often it is reset, how it can be recovered if forgotten and so on.
Convenience and ease of use
However, security and control over authorisation isn’t the only use case for SSO. Many companies also set up SSO for convenience and ease of use reasons. In this case, rather than needing to lock down access to Brandwatch and control authentication, the idea is to make the login experience easier for users, by removing the need for another set of login details.
This is particularly useful if you are trying to get multiple departments across the business to use Brandwatch, by removing the barrier of another login page. In these cases, JWT is often the preferred SSO method – due to its easy setup and low maintenance.
Resellers or agencies who are providing access to multiple platforms to their clients also like SSO for the ‘one solution’ feel it can give to their offering.
We offer the option between two SSO (single sign-on) mechanisms, SAML and JWT:
SAML (Security Assertion Markup Language) is a well established, industry standard XML- based SSO mechanism. It is generally considered one of the most tested and secure methods of SSO, and is especially suited to organisations who want to lock down other methods of access.
JWT (JSON Web Token) is a newer, open standard SSO mechanism backed by technology companies such as Google and Facebook. It’s an easy to setup SSO solution most suited to those wishing to use SSO for ease of use benefits (by removing the need for multiple sets of logins) and who aren’t already using SAML.
If you’re unsure of which SSO method is best for you, we’d be happy to discuss your needs and advise – just get in touch.
You can also find development documentation here if you need more technical details.
SSO is available to Brandwatch Enterprise clients, for a monthly fee plus a one-off set up fee. Please get in touch with us for more details or read more here – or, if you’re already a client, speak to your account manager or our support team.