Nice to meet you
SSOBuddy is a team of digital craftsmen, seasoned in datasecurity and specialised in Identity and Access Managment (IAM).
We help our customers solve the question "Who are you"? Or more specifically: What identity should we associate with the digital requests coming into our servers. How can we be sure of the answer to that question? And is that identity allowed to access the resources it's requesting? Is there a little more information on this identity, so we can provide the right content in our applications, depending on (for example) the role of the identity.
It's a traditionally hard question to answer in the digitalised world and as we don't want to disturb user's workflows too much while finding an answer, it often presents us the challenging puzzles we like to solve so much!
What we do
We build, extend and maintain access management platforms. These platforms act as proxies between your users and your applications, making sure that only authorised traffic reaches your applications.
If (parts of) the application needs to know the user's identity, our platform will authenticate the user and let the application know who it's talking to. The authentication process can be as simple or complex as your policies define. Depending on the context, the process may differ: Smartcard authentication may make sense on a computer, but is not too convenient on a mobile phone for example. Additionally, specific access rights may be required before a user is allowed to use the application and they might be stored in a multitude of stores.
By centralising the process of authentication, authorisation and optionally enrichment, you prevent the need to duplicate the effort of implementing that logic into each application that you would like to protect. Additionally, when a new feature (maybe a new way of authenticating, or support for yet another source that could be used for enrichment) is implemented in the central platform, it becomes immediately available for all of the protected applications.
We are passionate about security, but we are well aware that users will try to circumvent security measures if they are not convenient. So our focus on security never looses sight of the users and their workflows. We try to find solutions that increase both security and user experience. Wouldn't it be a lot more convenient to authenticate using biometrics (face recognition or fingerprint authentication) in stead of having to enter a password.
Obviously an application that is unavailable or slow results in a bad user experience to say the least. In the design phase, we already make sure the proposed solution is robust, fault-tolerant and fast. We strive to reach 100% availability by having a swift 24/7/365 response and by scaling, sometimes automatically, to meet peak loads.
We are proud when we can deliver quality to our customers, a solution to a problem that is enjoyed by users and the teams that need to maintain the solution. We know what it feels like to be on call, "solving" a problem in the middel of the night, restartng an unreliable product, having zero guarantees it won't reappear in an hour. We've been there. We did not like that.
We like to build redundant and fault-tolerant systems and monitor them extensively, which makes us aware of issues before they can impact users. It gives the operational teams some leeway to solve the issue with little stress and before it becomes an incident.
SSOBuddy's consultants are excited when they get the chance to help build these kind of solutions and make them thrive in the domain of IT security.