Should all of our systems authenticate to the same place?

Many software systems can be configured to authenticate to your network account repository – the most popular one being Active Directory. The primary advantage for users is one password for access to multiple systems. For administrators it is also being able to deactivate an account in one central location for all systems. If you are using Active Directory you can then apply policies around user’s accounts as well.

So, for ease of management and to be able to apply available management tools, having central authentication is a time (and therefore money) saver for both users and administrators.

On the downside, authenticating to one repository for multiple systems means that if a password is compromised an unauthorized user could potentially gain access to all systems the authorized user has access to. In addition, if that repository experiences an outage users could be locked out of multiple systems. Thus, make sure you plan accordingly and implement best practices for security before switching to central authentication.