Single Sign On in a company means that you have one set of credentials for all the services the company uses / provides to their employees.
Logically, these credentials might also be usable for Wifi.
- Benefits for the employee: Only one password to remember
- Benefits for the company: Wifi access can be revoked on a per-user basis. Administration is centralized.
Are there real-world examples and guidelines how to deal with the fact that Android smartphones store Wifi passwords on Google servers by default? Doesn’t this give Google access to the full digital identity of an employee and access to the company’s internal services?
- Asking users to turn this feature off on their phones seems to be error-prone and might be forgotten. Especially after a smartphone change.
- Prohibiting users to log in the company Wifi from their own devices is impractical and will probably even be ignored.
- Only company-managed phones are also no option, because of point 2.
Is SSO a bad idea concerning Wifi? How do large enterprises, universities, … but also small companies with less “enforceable” rules handle this?