Single Sign-On Proves Effective Against Corporate Phishing Attacks February 15th, 2011 OneLogin launches an enterprise Phishing Test to help evaluate the risk of employees interacting with fraudulent emails – on average 25 percent fall prey. Test results are used to implement security policies that prevent sensitive data from being exposed to criminals. To start the test, go to: http://phishingtest.onelogin.com Santa Monica, CA, February 15, 2011 — To help organizations gauge their risk of a security breach, OneLogin, a single sign-on and identity management solution, launched today an online test that emulates a typical phishing attack. The OneLogin Phishing Test measures the number of employees who enter their login credentials on a fake landing page. Based on test results – the average fail rate is 25 percent – organizations can make process changes that will secure access to sensitive company data. “The growing use of enterprise web applications has created a robotic response from employees when presented with a login prompt – they automatically enter their password without necessarily questioning the validity of the request,” states Thomas Pedersen, Founder and CEO of OneLogin. “This is potentially very dangerous; even one successful phishing scam can give criminals access to numerous applications containing sensitive corporate data.” Email phishing attacks target organizations, not just consumers, and even the technically savvy can be fooled by a well crafted phishing scam. By deploying OneLogin, organizations remove the risk of employees divulging their login credentials for applications that contain sensitive and confidential information such as: company financials, customer data, and employee records. OneLogin eliminates the need to remember multiple usernames, passwords and login URLs by providing a secure single sign-on portal. While employees gain quick application access, IT can centralize access control and monitor usage. About the Test The phishing test helps measure the risk of employees divulging their login credentials on fake URLs. The results are used to discuss security measures with staff and implement the needed technology solutions needed to prevent a security breach. According to OneLogin: “The test results are also used as justification for technology purchasing decisions. IT can deliver proof that the company is at risk of a security breach.” About OneLogin, Inc OneLogin is an on-demand single sign-on and identity management solution that enables midmarket enterprises to manage the growing use of web applications, both in the cloud and behind the firewall. With OneLogin, IT can easily administer users and control cloud application access with seamless directory integration, one-step provisioning, and a comprehensive audit trail. In turn, the OneLogin Portal gives employees secure, one-click access to cloud solutions. OneLogin, Inc. is backed by CRV and Redpoint Ventures. Free Trial Available at: https://www.onelogin.com | Twitter: @onelogin.