Infrastructure // Storage
01:10 PM
Connect Directly
Repost This

Dropbox Adopts Single Sign-On Technology

Dropbox says any off-the-shelf or homegrown identity management system that's compatible with the Security Assertion Markup Language (SAML) standard can be configured to automatically sign users into its service.

10 Top Password Managers
10 Top Password Managers
(click image for slideshow)
Cloud-storage service Dropbox announced Wednesday that its Dropbox for Business service now offers single sign-on (SSO) via the Security Assertion Markup Language (SAML) standard.

Effective immediately, any off-the-shelf or homegrown identity management system that's compatible with SAML can be configured to automatically sign users into Dropbox.

"SSO lets users sign in just once to a central identity provider, like Active Directory, and securely gain access to all of their business apps," said Dropbox engineer Alex Allain in a blog post. "And because a company's existing trusted identity provider is in charge of the authentication process, admins don't have to worry about managing multiple applications."

[ Social log-ins a la Facebook are becoming more common. Read Google Taunts Facebook With Sign-In Challenge. ]

Dropbox claims it's used in 2 million unique businesses, and 95% of the Fortune 500 companies. Tying cloud services like Dropbox into an enterprise Active Directory or LDAP server enables IT managers to centrally provision users; for example, they can give users access to specific services when they're hired, offer role-based access, and ensure that access gets immediately discontinued for employees who leave the company.

Centralized provisioning also lets businesses enforce password policies to ensure that users choose strong passwords, and lets them require access using two-factor authentication, adaptive authentication, or other multi-factor approaches.

To make it easier for businesses to use Dropbox SSO, the company has worked with multiple identity management companies, including Centrify, Okta, OneLogin, Ping Identity and Symplified, to integrate their services with Dropbox.

Dropbox's approach to SSO, announced last month, is based on SAML, an XML-based standard for transmitting authentication and authorization information via the Internet that's designed to allow users to authenticate once, then access any SAML-compatible service, whether it's located on the premises or hosted in the cloud.

"By adopting this open standard, Dropbox is making life easier for end users while at the same time allowing IT to tightly control employee access to the application -- which is the biggest advantage of the SAML standard," said Thomas Pedersen, CEO of OneLogin, in a blog post. He said his company's related offering, OneLogin for Dropbox, is free, although adding additional applications and capabilities costs extra.

"When a company like Dropbox jumps on the SAML bandwagon, it becomes a significant validation that cloud application security and ease of use can be mutually reinforcing," Pedersen said. "IT departments and end users both win."

Comment  | 
Print  | 
More Insights
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Elite 100 - 2014
Our InformationWeek Elite 100 issue -- our 26th ranking of technology innovators -- shines a spotlight on businesses that are succeeding because of their digital strategies. We take a close at look at the top five companies in this year's ranking and the eight winners of our Business Innovation awards, and offer 20 great ideas that you can use in your company. We also provide a ranked list of our Elite 100 innovators.
Twitter Feed
Audio Interviews
Archived Audio Interviews
GE is a leader in combining connected devices and advanced analytics in pursuit of practical goals like less downtime, lower operating costs, and higher throughput. At GIO Power & Water, CIO Jim Fowler is part of the team exploring how to apply these techniques to some of the world's essential infrastructure, from power plants to water treatment systems. Join us, and bring your questions, as we talk about what's ahead.