Do we support Single Sign-On (SSO)?

While Zanda doesn’t support SSO yet, you can enhance security by setting up 2-Factor Authentication.

Single sign-on is an authentication scheme that allows a user to log in with a single ID and password to any number of related, yet independent, software systems. Companies with multiple employees may practice implementing Enterprise SSO, while smaller-sized businesses or sole traders may want to log in via a social network to avoid typing one more password.

Note to Users

Zanda is continuing to gather customer interest in this, but does not support this functionality yet. If you are looking to improve the security of your account, it's recommended that you set up 2-Factor Authentication instead, which requires a second device to authorise and authenticate each login attempt.

Ultimately, SSO is typically used by individual users on non-healthcare platforms like Spotify, Google, Apple and Facebook, while your Zanda credentials should be treated more carefully than any other considering the implications to patient data.

We also need to consider a number of different factors before we consider implementing Single sign-on (SSO) including but not limited to;

  • The security of sensitive clinical patient data which we are responsible for, as your data controller.
  • Logging in with your Facebook credentials, for example, might be a security risk if any other person (like a family member) knows your Facebook credentials. They would be able to log in and gain access as an unauthorised user.
  • Having your web browser auto-save your Google login, for example, on a mobile device especially would allow other persons to do the above.
  • We consider clinical data too sensitive to be exposed to these platforms which are a common target of worldwide hacking groups - a loss of their availability can result in a denial of access event to all systems, including Zanda.

Hint 💡

Read more about the various criticisms and discovered security flaws over the years at Wikipedia.