Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

At RSAC 2025, we announced Extended Device Compliance, a new capability within 1Password Device Trust that enforces device posture Checks before allowing access to web applications, including those not protected by single sign-on (SSO). Extended Device Compliance redefines industry expectations for device trust solutions, ensuring devices are secure and compliant even when users access apps outside traditional admin control.

Omdia, a global analyst and advisory leader, recently released a report called “How Extended Access Management (XAM) closes the gaps in security.” The report defines the challenges of modern access management as: These unmanaged forms of access create an Access-Trust Gap: The security risks posed by unfederated identities, unmanaged devices, applications, and AI-powered tools accessing company data without proper governance controls.

Shadow IT has been a concern of IT and security teams since SaaS became mainstream. However, as SaaS has become increasingly decentralized and employees are more and more tech-savvy, the security issues associated with shadow IT have only become more prevalent. Recent research backs this up. Needless to say, employees are signing up for software and services outside of IT’s purview.

This blog has been adapted from an excerpted section of 1Password’s ebook: Why SSO is not enough for identity security. To read the complete ebook and learn more about the issues that SSO can’t cover, click here. Sign-on (SSO) solutions are designed to manage and secure access to applications. By integrating with a company’s identity provider (IdP), SSO allows users to authenticate to multiple applications via a single log-in.

According to Cobalt, the cost of cyber attacks is rising, with costs predicted to reach $15.63 trillion by 2029. This highlights the growing need for Privileged Access Management (PAM). Without a PAM solution, organizations face significant security and operational risks, including increased vulnerability to data breaches, insider threats, compliance failures and costly errors. Privileged accounts are prime targets for threat actors due to their elevated permissions and access to sensitive data.

Implementing a Privileged Access Management (PAM) solution can solve challenges like uncontrolled access to privileged accounts, insider threats, secret sprawl and lack of secure remote access. According to a recent EMA Research Report, 54% of organizations indicated they have granted privileged access on business systems to users who are not direct employees.