Category Archives: Software

OneLogin: Preventing Ex-Employee Breaches

Some folks may be unfamiliar with the term SSO, or single sign-on. It is the system with which someone could sign into most accounts, with an ID and password. Sometimes, the website or software and information the person is logging into isn’t the company that implements this, but rather a third party company that specializes in security. A company whose name is well known and appropriately named, OneLogin.

OneLogin is a leading SSO retailer who prides themselves on not only their speed, but their security, as well. Something that businesses look for in your security service, is trustworthiness and a step to achieving this, is vulnerability and transparency. OneLogin achieves this with their website, where they host posts that are honest and hold answers to questions their customers might beg when looking for a security service. Questions such as, “What happens to all our information and data if one of your employees goes rogue?”

OneLogins website hosts an article answering this exact question. To go along with the theme of openness, honesty and trustworthiness – the company notes that no company, anywhere, isn’t subject to ex-employees asserting their revenge on said company, if left with terms that are less than ideal.

58% of ex-employees still have access to company data after they exit their position and OneLogin notes a few instances in the past few years, which other companies have been subject to this possible worst case scenario. One particular case which they mention, was an instance where one of OFCOM’s ex-employees had downloaded six years of information and provided it to their next employer – a major broadcasting. Luckily, the broadcasters informed OFCOM of the data breach, but not every company is so lucky.

What could be a possible solution to this potentially damaging scenario?

OneLogin recommends to not purely rely on the word of the former employee alone, but to implement automated processes that terminate access to the businesses accounts after the termination of said employees contract. Along with doing so, OneLogin recommends a company implements a Security and Information Manager, which does checks for application use by former employees.

With these two steps in place, companies can properly prevent damage to business and efficiently protect themselves and their customers.

OneLogin championing access management standards and open identity in offices

OneLogin is a company that is based in San Francisco which deals with creating software. In this case, the company specializes in developing software applications that enable office visitors to sign using their iPads. Using OneLogin software, companies can make outdated, uninspiring, and insecure logbooks of the past.

Since its inception, OneLogin supports the rollout and adoption of the open identity as well as access management standards. It also provides free developer toolkits as well as the guidance required when implementing the single sign-on and user provisioning process. As such, the company reduces the requirements for application vendors to create schemas when creating reliable and secure IAM functionality.

One of the most important software developed by the company is Envoy which automates several steps that occur during a visitor’s registration process such as digital NDA, visitor sign-in, visitor photos and badges, and host notification.

OneLogin products have been adopted by several fastest growing as well as tech-forward companies which are keen to promote security and productivity. For most clients who purchase Envoy, they believe that customers who move in, across and out of the company premises can turn to be a nightmare. For IT admins they have to access multiple applications so that the end-user experience is smooth and that the system is secure.

However, recently, Envoy collaborated with OneLogin in implementing a SCIM protocol for the user provisioning known as the automated user on/off boarding. Currently, this feature has been made available to Envoy Enterprise and Premium customers.

The System for Cross-domain Identity Management otherwise known as SCIM aims at simplifying the user management and provisioning. Applications which are SCIM enabled allows clients to accelerate the application rollout as well as adoption. This is because it is easy to synchronize the user attributes into the desired application.

For the case of the Envoy, customers can automatically provision such fields including the employee’s last name, first name, office location, emails, from the OneLogin directory. The continuous synchronization is critical in elevating the ongoing user management since there is an automatic update on the user profiles.

Managing employees, as well as other application users including contractors and partners, can be difficult. This is because there may be multiple teams or individuals that are working on the same thing. Therefore, their productivity is minimized. However, productivity is increased through the Envoy visitor registration. The registration process captures, accurate are current data records.