SSO is a good enabler of efficiency, but not the end-all security solution with its own flaws that allow for bypass. SSO tools alone are not enough to protect against unauthorized entries into an organization’s SaaS estate. There are certain steps you can take to avoid the risks presented by SSO, such as audit and identify users and platforms that can bypass SSO and IAM. A robust tool, like Adaptive Shield, can automate these steps to help prevent possible leaks or attacks.
Source: https://thehackernews.com/2021/05/is-single-sign-on-enough-to-secure-your.html