Authenticate Securely

Nathan Woodhull on November 22, 2021

We’ve improved the ways that customers can set up user account authentication within the ControlShift platform to support the requirements of the most sophisticated advocacy organizations.

Single Sign-On

Our customers use a wide a variety of organizing software products and need to make it as easy as possible for their volunteers to get involved more deeply in the organization. Requiring a cornucopia of different user accounts can lead to confusion and frustration as staff and volunteers navigate between the different pieces of software an organization might use to engage their supporters and put their volunteers to work.

Single sign-on allows organizations to configure a federated set of user logins and a unified sense of user identity across the tools that staff and volunteers use. Instead of managing logins and controlling access across dozens of tools, customers set up single-sign on platforms to allow their supporters to authenticate once with a single login that grants them access to all of the different toolsets they need access to.

In addition to ease of use, single sign-on also simplifies security administration tasks for staff by allowing the unified management of user login permissions as staff come and go.

At launch, we support single sign-on via either Microsoft Azure Active Directory or on-premises Active Directory Federation Services. If your organization uses a different single sign-on provider, get in touch and we’ll work with you to understand if an integration is possible.

Two-Factor Authentication Enforcement

We’ve long supported two-factor authentication as an additional security option for staff administrative accounts. With our latest updates, platform admins can choose to enforce the use of two-factor authentication across their organization as a platform-wide policy.

Two-factor authentication is a security feature that can effectively eliminate account phishing and other security risks associated with leaked account credentials because it requires users to enter a randomly-generated code, in addition to their password, when logging in. Learn more about two-factor authentication and how to set it up on your ControlShift account.

We have also added in-product messaging to encourage two-factor authentication adoption by admins even for organizations who have not opted into enforcing it. We recommend all of our customers use two-factor authentication across all of the products they use.