usability drives security

Password Pain is Systemic

Thomas Pedersen on April 12, 2011

You’re not alone – everyone suffers from password fatigue. Your pain is likely different, however, based on your role within the organization. With the increased adoption of cloud applications in the enterprise, employees tire of having to create and remember several secure passwords, IT bears the administrative burden of disparate systems, and senior management owns the risks of a security breach.

Let’s first explore the responsibilities of senior management. A password-related security breach, seen all too often from leading organizations, generates unflattering media attention that both the CEO and CIO must respond to. Being in a position to publicly admit faulty security measures is never pleasant nor desirable for organizations that aspire to longevity.

Although upper management faces the public when a breach occurs, it’s the IT staff who must provide the answers as to why it took place and, more importantly, how to avoid being in that situation again. But with so many web applications to manage and no centralized administrative tool, cloud computing for IT means continually resetting passwords, integrating several applications with the company’s existing directory, manually giving new employees access to all their web applications, or trying – often in vain – to prevent ex-employees from accessing enterprise data hosted online.

So how can an organization – that wants to leverage all the benefits of cloud computing – avoid enterprise-wide password pain? Enter identity management in the cloud.

In a nutshell, OneLogin offers a secure gateway to an organization’s web-based applications, both in the cloud and behind the firewall. Instead of accessing and managing applications individually, OneLogin provides employees with a secure portal where all the applications are just one click away. As for IT, they gain access to a centralized administrative dashboard where security policies can be set and enforced, users can easily be denied or granted access, and where all applications can be integrated with the existing directory.

The move to the cloud doesn’t have to be problematic. By adopting OneLogin as the organization’s identity and access management solution, employees at every level can enjoy the benefits of cloud computing, pain-free.



Leading Google Apps Integrator Offers SSO

Thomas Pedersen on April 11, 2011

OneLogin and Sheepdoginc.ca have partnered to give customers an easy-to-use identity management solution that provides security-enhancing functionality, such as single sign-on, user provisioning and directory integration. (press release)

“Google Apps is one of many cloud solutions used by our customers,” explains Julia Rivard, Sheepdoginc.ca’s CEO. “By partnering with OneLogin, we enable our customers to take their siloed cloud applications and bring them under one roof to better manage access as well as remove the security issues inherent to user-managed passwords.”

Identity management offers a number of security and productivity-enhancing benefits to Sheepdoginc.ca customers:

  • Secure, one-click access to Google Apps and other web-based applications drives up adoption.
  • One directory integration point eliminates the need to integrate with every application's proprietary interface.
  • Support for multi-factor authentication provides customers with the option to easily add another level of security.
  • User provisioning for key applications such as Google Apps, Salesforce, Yammer, Box.net and Zendesk saves administrators significant time and ensures that former employees are effectively denied access.



Phishing Test Helps Measure Security Risk

Thomas Pedersen on February 14, 2011

Even tech-savvy employees can fall prey to an email phishing scam. To help organizations gauge the risk of employees entering their login credentials on a fake landing page, OneLogin launched an online test that emulates a typical phishing attack.

Here's how it works: At OneLogin Phishing Test, the test admin enters the email addresses of employees who should receive the emulated phishing scam – the email message will ask employees to confirm access to the company's Google Apps account. If employees enter their credentials on the fake landing page, they will not be aware that they have fallen prey to an emulated phishing test. They will simply be redirected to the real Google Apps page where they can enter their credentials as they normally would.

Although employees don't know that they have been phished, the Test Admin receives an email alert and is provided with a dedicated results page where they can monitor results.

Why use the test? The test does not capture or record any of the login information provided by employees who fall prey – it only records that action was taken. It's an easy and safe way to measure an organization's level of risk and helps determine what changes need to be made internally to avoid the embarrassment of a real security breach.

How do your employees fare? Start your emulated phishing test to find out.



SAML Plug-in for WordPress

Thomas Pedersen on January 11, 2011

WordPress has long been one of the most popular integrations among our customers and some customers manage multiple WordPress accounts with many contributors. The original WordPress integration uses form-based authentication, which means we simply automate the login process using email address and password.

However, since we're on a crusade against passwords and WordPress has a nice plug-in framework, we decided to implement a SAML plug-in that you can use with OneLogin. In addition to simply eliminating passwords, the SAML integration provides these benefits:

  • Easy, one-click access to WordPress
  • Users can sign in with their Active Directory or LDAP credentials
  • Multi-factor authentication for added security
  • Centrally de-provision former employees and contractors

Plug-ins are available to anyone who hosts WordPress themselves (i.e. not on wordpress.com) and you can add it in a matter of seconds. Just click Plugins in WordPress' sidebar and search for SAML. OneLogin's plug-in will appear at the top.

See the step-by-step instructions in our support forum.



New Active Directory Connector Simplifies User Authentication

Thomas Pedersen on December 13, 2010

OneLogin announces its Active Directory Connector that enables the authentication of cloud application users against an organization's Active Directory.

While IT benefits from having a single directory integration point, employees can use their Windows credentials to access web applications, hosted in the cloud and behind the firewall. By eliminating the need for employees to remember several usernames, passwords and login URLs, OneLogin increases the adoption of cloud applications and reduces the security risks inherent with the repeated use of weak login credentials.

“Enterprises are keen to reap the benefits of cloud computing, but do not want to abandon their existing IT infrastructure,” explains Thomas Pedersen, CEO at OneLogin. “Our new Active Directory Connector allows them to extend their directories deep into the cloud with no custom development required.”

As enterprises continue to adopt cloud computing, integrating their existing directory with various applications’ proprietary authentication APIs poses both security risks and maintenance headaches. OneLogin’s Active Directory Connector provides a single integration point that enables enterprises to centralize authentication, eliminate passwords and make it easier for employees to access web applications.

OneLogin enables any enterprise to get single sign-on within minutes via Security Assertion Markup Language (SAML). Users can easily and securely connect to SAML-enabled applications, such as Salesforce, WebEx, Google Apps, Workday, Yammer, Central Desktop, SugarCRM, KnowledgeTree, SAManage and many others.

View Press Release here



System Uptime and @OneLoginOps

Thomas Pedersen on December 9, 2010

As part of our ongoing commitment to providing excellent customer service, we are introducing uptime statistics on our website (www.onelogin.com/uptime) as well as a Twitter operations account (twitter.com/oneloginops).

Monthly statistics will be updated at the beginning of each month. In the event of downtime, updates will be published at @oneloginops and once the issue has been resolved, details about the issue can be found on our availability page.

We use Pingdom to monitor our service every minute from multiple locations around the world. In the event of a downtime alert, we will investigate and post any relevant details. We occasionally get reports that OneLogin is unreachable from certain locations in the world, but since these are isolated network problems and unrelated to OneLogin and our hosting provider Rackspace, they will not be included in the statistics. Real downtime where the system is actually unavailable for all our customers will be included in the statistics.

We are going to report two numbers. Total uptime is the total uptime for the month and includes both planned and unplanned downtime. SLA uptime is the uptime we commit to in Service Level Agreements and does not include planned downtime.



SAManage Jumps on the SAML Bandwagon

Thomas Pedersen on November 12, 2010

SAManage, provider of on-demand IT management software, joins the ranks of visionary cloud vendors who leveraged OneLogin's free and open-source SAML toolkit to implement web-based single sign-on. By eliminating the need for password-based logins, SAManage customers now benefit from secure, one-click access to their IT asset management (ITAM) and IT service management (ITSM) software. (press release)

As enterprise adoption of cloud-based solutions continues to grow, it's important for vendors to help enterprises reduce the number of passwords and get better control of cloud security as well as making it easier for the employees to access all their applications. 

If your company is managing IT assets, try a free 30-day trial with SAManage.



KnowledgeTree+OneLogin Webinar

Thomas Pedersen on November 2, 2010

OneLogin and KnowledgeTree, a cloud-based document management solution, are hosting a joint webinar on Wednesday, November 17 at 2 p.m. EST, 11 a.m. PST. Register today to learn how to "Protect Documents in the Cloud with Secure Single Sign-On".

    https://www2.gotomeeting.com/register/328605570

Our presenters, Thomas Pedersen, CEO of OneLogin, and Evan Person, director of Product for KnowledgeTree, will cover the following:

  • Protect your KnowledgeTree documents and other cloud data – by preventing phishing, enforcing password policies, and adding additional authentication factors.
  • Increase productivity – by making all users' apps accessible with one click from OneLogin’s dashboard or your own intranet. 
  • Drive adoption of your organization's cloud apps – because when it’s easier for users to access their applications, usage automatically goes up. 
  • Manage and control credentials – synchronize users with your existing directory, and allow instant provisioning or de-provisioning of multiple passwords. 

KnowledgeTree recently announced its implementation of OneLogin's free, open-source SAML Toolkit to provide web-based single sign-on. (press release)



1,000 Apps and Counting...

Thomas Pedersen on October 29, 2010

OneLogin reaches a milestone – 1,000 pre-integrated apps! Why is that significant? By pre-integrating leading cloud-based applications like Salesforce, Google Apps, Yammer, Zoho, DocuSign, SugarCRM, KnowledgeTree, we make it a breeze to add your favorite on-demand software to your OneLogin dashboard.

By popular demand, we have also made it possible to explore applications by category, and customers are already reporting new applications they have found and fallen in love with this way.

Although 1,000 apps is a great achievement, we’re continually adding to the list. If you have an application to recommend, by all means let us know at support@onelogin.com.

If you are a cloud vendor and your application is not already integrated with OneLogin, head over to our partner page and register.



SAML Grows on KnowledgeTree

Thomas Pedersen on October 26, 2010

KnowledgeTree, a cloud-based document management solution, leveraged OneLogin’s free, open-source SAML Toolkit to implement web-based single sign-on (press release). OneLogin's dashboard gives KnowledgeTree customers one-click access to their documents, as well as all other cloud-based software; they no longer need to remember several destination URLs or re-use the same weak username and password to access on-demand software. 

With the use of SAML, KnowledgeTree strengthened security for its customers and provided a fast and easy way to access their account. Security is critical when your enterprise data resides in the cloud, but ease of use is also needed to drive user adoption. If logging into a cloud application is worry-free and trouble-free, then usage and productivity go up.

SAML is ideal for the enterprise because it offers strong security and flexibility, is easy to manage, and as a standards-based SSO protocol it lets the enterprise choose its identity management provider. SAML has traditionally been non-trivial to implement, but with OneLogin's free, open-source toolkit, cloud application vendors can now implement SAML in hours or days.

If you are interested in SAML-enabling your own cloud application, take a look at the documentation for the Rails toolkit or contact us at vendor@onelogin.com. The code is also available on GitHub at: http://github.com/onelogin.


