View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
February 4, 2013updated 19 Aug 2016 9:27am

OneLogin survey notes the two-edged sword of cloud apps

78% will increase cloud app usage, 71% use apps unsanctioned by IT

By Jason Stamper Blog

According to the results of a new survey on the adoption, use and security of cloud applications by cloud single sign-on vendor OneLogin, 78%, plan to increase the number of cloud apps in their organisations this year.

At the same time, 71% of respondents admit they are using cloud apps that have not been sanctioned by their IT departments. The data is part of the 2013 State of Cloud Application Access Survey conducted by OneLogin, in collaboration with security consultancy flyingpenguin, of 200 IT and business professionals within organisations of all sizes and industries.

"This survey demonstrated that 2013 will be a tipping point in cloud adoption," said Thomas Pedersen, CEO of OneLogin. "With enterprises rapidly turning to cloud apps, the inherent risks in practices like using unsanctioned apps or sharing passwords on sticky notes need to be addressed, and quickly."

Speaking to me last week, Pederson claimed there’s a big difference between OneLogin’s cloud-based approach to sign-on and that of more traditional on-premise security smarts from the likes of Novell and Sun Microsystems. "Our approach makes it far easier to connect to cloud apps through a single portal, centralise access control, and automate user access management in the cloud," he said.

OneLogin claims it manages the single sign-on needs of 11 million users at 650 customers, the largest roll-out – which is still underway – being for 6 million users of the community site.

In terms of future development Pederson said the firm is aiming to act as a complete replacement for Microsoft’s Active Directory for those companies that want it – today OneLogin can integrate with AD instead. He said the firm is also looking to offer more in the way of device-based authentication.

Asked how seriously a firm like OneLogin takes its own security measures and procedures to keep users’ data safe, Pederson said the firm conducts regular penetration testing, is constantly having its security audited by third parties, and has its security checked also by partners and customers on an ongoing basis.

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

OneLogin is venture capital backed and Pederson said the firm grew revenue 500% in the last 12 months, though as a privately-held firm it opts not to divulge total revenue.

Pederson said competition comes from the likes of Ping Identity, Simplified and Okta, though in his view only Okta is anywhere close when it comes to cloud-based SSO.

The survey also found that with access to cloud-based applications taking place from a variety of locations including smart phones (80%), tablets (71%) and non-company computers (80%) and with a large percentage of organisations (73%) needing to grant temporary access to cloud apps, respondents cited concerns around identity management, governance and complexity.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.