undefined | Better HN

0 pointsTerretta1y ago0 comments

> Small companies don't need SSO

This is incorrect.

0 comments

This is very much correct, and quite self-evident: they live without, therefore they don't need it. Wanting something != needing it. Companies that actually need SSO are the ones that have internal or external compliance requirements, and/or for which managing users without SSO becomes prohibitively expensive. Turns out, at that point, they're willing to pay through the roof for it.

TerrettaOP1y ago

> quite self-evident: they live without, therefore they don't need it

Lots of people live without things others observe they need. Doesn't make going without a good idea.

> Companies that actually need SSO are the ones that have internal or external compliance requirements...

This logic is backwards.

Why do you think SSO is a "requirement" that security certifications or compliance policies look for? Why did that come to be? Who does SSO benefit? Are those personas relevant for only large companies or small ones too?

Do beginning drivers not “need” seatbelts or brakes? Or are these devices only needed to avoid tickets and pass inspection?

SOLAR_FIELDS1y ago

One thing worth pointing out. If you don’t mind using GitHub or Google you can get “SSO at home” for a lot of things, since most SaaS provide Google/Github login in their lower priced tiers. It will usually be OIDC based and not SAML, but it’s definitely possible to use these providers up to a quite significant scale.

0x4571y ago

Why? You use SSO in your personal life all the time. Why would you not want to continue doing so in your business?

If anything, small companies need SSO more than any others - those companies usually outsource a lot (SaaS vs a dedicated hire), managing credentials is annoying.

TerrettaOP1y ago

So we agree that small companies do need it.

mlhpdx1y ago

Yep, just like people don’t need healthcare.

kccqzy1y ago

Depends on the definition of "small" which I take to mean early stage startups.

j / k navigate · click thread line to collapse

0 comments

TeMPOraL1y ago

TerrettaOP1y ago

> quite self-evident: they live without, therefore they don't need it

Lots of people live without things others observe they need. Doesn't make going without a good idea.

> Companies that actually need SSO are the ones that have internal or external compliance requirements...

This logic is backwards.

Do beginning drivers not “need” seatbelts or brakes? Or are these devices only needed to avoid tickets and pass inspection?

SOLAR_FIELDS1y ago

0x4571y ago

Why? You use SSO in your personal life all the time. Why would you not want to continue doing so in your business?

If anything, small companies need SSO more than any others - those companies usually outsource a lot (SaaS vs a dedicated hire), managing credentials is annoying.

TerrettaOP1y ago

So we agree that small companies do need it.

mlhpdx1y ago

Yep, just like people don’t need healthcare.

kccqzy1y ago

Depends on the definition of "small" which I take to mean early stage startups.

j / k navigate · click thread line to collapse