For a very long time I wondered why SSO was always listed as a premium feature across nearly every enterprise software pricing page but no more! When you’re small it’s simple to manage permissions and the costs of screwing up are far smaller. Large companies, on the other hand, have complex organization structures with hundreds of employees that use a wide range of applications and access controls are a real concern. It’s possible to manage that through a herculean manual effort but it’s so much easier to just pay someone to solve the problem for you. Along similar lines, it’s valuable to minimize the amount of SAAS services used across the organization to reduce both the complexity and the cost although these days it feels like a fool’s errand.
It’s surprising how many third party services a typical midsize tech (but every company is tech!) company uses these days. This ranges from cloud providers (AWS) to version control (Github) to storage (Dropbox) to communication (Slack) and workflow (Atlassian) tools. And the list above is just the basics - there are a ton of other tools that teams use that all require a proper access control policy. Each of these has their own rules and permissions to manage and it’s inevitable that something slips by if managed manually.
I’ll end this with some examples to highlight the difference in pricing between the SSO and non-SSO option across a few services.