Sorry should have clarified - we are a government organization that interacts with a number of other government agencies. It's simply not feasible for us to implement SSO for all of our own internal applications (many different units/teams), let alone the external apps/systems we are consumers of.