With Single Sign-On or SSO, users log in to all your applications with one username and one password. Very easy for them, while it saves your organization a lot of management work. For example, if an employee leaves, that person does not have to be removed as a user per application. You do that in one go for all applications, just like changing access rights. So quick and efficient! Single Sign-On also has another major advantage, namely that you can apply Two-Factor Authentication for extra security.

More and more organizations are using Two-Factor Authentication, also known as Multi-Factor Authentication. It is gradually becoming the norm for securing applications. The principle of 2FA is simple: users gain access to their application environment in two steps. In addition to their username and password, they must also enter a code. They receive this via their mobile phone or a ‘token’, a device specially designed for this purpose. In this way, Two-Factor Authentication minimizes the chance of unwanted intruders.

You can also use 2FA with IBM Maximo. This is even a ‘must’ if you make the software accessible to users not only via your own company network, but also via the internet. However, 2FA is not supported out-of-the-box by Maximo. However, by using the application server security model, it is easy to implement. If you want to use Two-Factor Authentication in IBM Maximo, this is possible, for example, via MS Active Directory (in combination with Active Directory Federation Services or ADFS), Azure Active Directory or the cloud solution from identity provider OKTA. With the popular SAML protocol, you can easily link IBM Maximo and these three most used 2FA solutions.

Does your organization already use SSO based on SAML? Then the step to 2FA with IBM Maximo is child’s play. In Azure Active Directory and OKTA, for example, it is a matter of ticking a box, they offer this option as standard. If you are not yet using Single Sign-On, it is a good idea to first map out your IBM Maximo environment. Are there, for example, links with other systems, such as your financial system, your ERP software or CRM application? Do you use MxLoader for loading Excel data? And how do you set up your 2FA solution so that you can continue to use these links? At Gemba, we have a lot of knowledge about this and we help you to make the step to Single Sign-On and Two-Factor Authentication without any problems.