Dropbox for Business’ Support of SAML Based Single Sign-On Marks a Milestone in Cloud App Security

May 20th, 2013   |     |  Product & Technology

“We are excited to partner with OneLogin to bring single sign-on, enterprise-class security and seamless directory integration to Dropbox for Business customers.”

Ari Friedland | Head of Business Development, Dropbox for Business

Today, Dropbox for Business announced for the first time its close relationship with OneLogin, along with its full support for SAML-based single sign-on (SSO), which lets users access multiple applications using just one name and password. Dropbox’s support is indicative of SSO’s coming-of-age, and we predict that those who have yet to adopt it will soon move in that direction, just as Dropbox has. It also highlights the ever-increasing usage of cloud apps like Dropbox by global enterprise. In fact, our 2013 State of Cloud Adoption Access Study – based on a survey of IT decision makers – found that 78 percent of respondents planned to increase the number of cloud applications in their organizations this year.

The Dropbox and OneLogin Partnership

Dropbox is a member of OneLogin’s Cloud ISV Partner Program and our strong partnership spans executive management, engineering, sales, and support. This close collaboration has helped OneLogin deliver the most comprehensive Dropbox identity and access management solution on the market today. Perhaps best of all, OneLogin for Dropbox Business is free.

SAML Rising

Alongside the increase in cloud apps within the enterprise, SSO has enjoyed a rapid adoption rate among enterprises of various sizes due to a few key benefits, including the fact that it significantly reduces inbound calls to IT help desks and improves worker productivity by removing the onerous task of having to track multiple passwords for multiple enterprise apps. It also minimizes security risks in an enterprise environment where 43 percent of IT managers admit that employees are managing passwords in spreadsheets or, worse, Post-It Notes (another finding from our study).

However, the news is significant for a host of other reasons. SSO leverages Security Assertion Markup Language (SAML), an XML-based open standard data format for exchanging authentication and authorization data between an identity provider and a service provider. By adopting this open standard, Dropbox is making life easier for end users while at the same time allowing IT to tightly control employee access to the application – which is the biggest advantage of the SAML standard.

More Secure?

Another benefit: SAML’s unique properties increase overall security. The mathematical principles behind SAML are quite strong and are also used in asymmetric encryption. Identity providers issue key pairs (public/private) and makes the public key available to the applications enterprise users are signing into. At the same time, the private key can be used to provide XML-based security assertions with digital signature, at which point the assertion is delivered to the intended app via an employee’s browser. The app is then able to verify via the public key that a given user’s security assertion is permitted, which leads to successful sign-on on the part of the user.

When a company like Dropbox jumps on the SAML bandwagon, it becomes a significant validation that cloud application security and ease of use can be mutually reinforcing. IT departments and end users both win.

About the Author

Thomas Pedersen, founder of Onelogin, has more than 15 years of experience in building and selling carrier-grade billing systems for phone companies, initially at Cisco-backed Digiquant in Denmark and later at Intec Telecom Systems in the US. After having helped Zendesk grow to 5,000 customers as VP Business Development, he is now laser-focused on making OneLogin the most widely deployed identity management solution in the cloud.

View all posts by Thomas Pedersen

Secure All Your Apps, Users, and Devices