The Chief Security Officer (CSO) at a major hospital wants to implement SSO to help improve security in the environment and protect patient data, particularly at shared terminals. The Chief Risk Officer (CRO) is concerned that training and guidance have not been provided to frontline staff, and a risk analysis has not been performed.
Which of the following is the MOST likely cause of the CRO’s concerns?
A . SSO would simplify username and password management, making it easier for hackers to guess accounts.
B . SSO would reduce password fatigue, but staff would still need to remember more complex passwords.
C . SSO would reduce the password complexity for frontline staff.
D . SSO would reduce the resilience and availability of systems if the identity provider goes offline.
Answer: D