OneLogin
OneLogin, Inc. is a cloud-based identity and access management (IAM) provider that designs, develops, and sells a unified access management (UAM) platform to enterprise-level businesses and organizations. Founded in 2009 by brothers Thomas Pedersen and Christian Pedersen, OneLogin is a late stage venture, privately held company.[2]
Type | Private company |
---|---|
Industry | Cloud computing |
Founded | 2009 |
Founders |
|
Headquarters | San Francisco, California |
Revenue | $50.2 Million(2019)[1] |
Number of employees | 260 (2019) |
Website | https://www.onelogin.com |
OneLogin was named a leader in the Gartner Magic Quadrant for Access Management in 2020.[3] The OneLogin UAM platform is an access management system that uses single sign-on (SSO) and a cloud directory to enable organizations to manage user access to on-premises and cloud applications. The platform also includes user provisioning, lifecycle management, and multi-factor authentication (MFA).
OneLogin is based in San Francisco with a developer office in Redmond, Washington, as well as Atlanta, Dublin, London and Guadalajara. The company hosts an annual Connect user conference.[4]
History
OneLogin was founded in 2009 in San Francisco by Thomas and Christian Pedersen.[5][6] The brothers were involved with the on-demand help desk application, Zendesk, before launching OneLogin. Through their interactions with Zendesk customers, the founders realized that companies were encountering security and productivity challenges moving into the cloud. They came up with the idea of building an identity and access management solution that was secure and easy to use. OneLogin officially launched in 2010[7] with a seed round of funding and a $4.7M Series A round.
From 2013 through 2017, the company raised an additional $48M, with an additional $22.5M raised in 2018. In August 2017, OneLogin appointed Brad Brooks as chief executive officer.[8]
In 2018, Matt Hurley was hired as Vice President of Global Channels[9] and Venkat Sathyamurthy was appointed Chief Product Officer.[7]
In January 2019, OneLogin received $100 million in a debt and equity deal.[10]
Products
OneLogin's Unified Access Management Platform includes:
- Single sign-on
- Cloud directory
- Directory integrations
- User provisioning and lifecycle identity management
- Multi-factor authentication
- Adaptive authentication
- Mobile Identity Management
- Virtual LDAP
- Cloud RADIUS
- Desktop for authentication via Mac or Window machines
- Access for integrating legacy applications
Customers
OneLogin is deployed by over 2000 companies worldwide, from high-growth tech companies like Airbnb, Uber, and Facebook to well-established global multinationals such as Airbus, Du Pont, Royal Mail, Herman Miller, and Dun & Bradstreet.[11]
Funding
OneLogin is backed by the venture firms Charles River Ventures, The Social Capital, and Scale Venture Partners. Its venture funding includes:[12]
- $4.7M Series A in June 2010
- $13M Series B in October 2013
- $25M Series C in December 2014
- $10M Series C May 2017
- $22.5M Series C in June 2018
- $100M Series D in January 2019
Acquisitions and partnerships
- In December 2015, OneLogin acquired San Diego-based Cafésoft, a provider of on-premise Web Access Management (WAM) software. The technology enables OneLogin to extend Single Sign-on to applications running on-premises.[13]
- In June 2016, OneLogin acquired Santa Clara, California-based Portadi, a cloud-based password management tool. The technology enables OneLogin to automatically populate customer's OneLogin single sign-on portals with applications as employees manually sign into them.[14]
- In September 2016, OneLogin announced a partnership with Deutsche Telekom’s T-Systems to resell OneLogin within the European Union (EU).[15] Other global partners include CDW, SHI, Gotham, Guidepoint, MicroAge, Infosys, Hermitage Solutions, and TechMahindra.
- In November 2016, OneLogin acquired London-based Sphere Secure Workspace, a software vendor with container technology that runs on mobile devices.[16]
- In June 2017, OneLogin acquired Auckland, New Zealand-based ThisData, a developer-focused cloud security company specializing in account takeover detection. The technology has been used to enable OneLogin’s adaptive authentication solution, which uses machine learning to intelligently score the risk of each login attempt, and challenges users making high-risk logins to use an additional authentication factor.[17]
Recognition
- May 2015: Forrester Research ranked OneLogin as the top vendor in the Forrester Wave for Cloud Identity & Access Management.[18]
- December 2015: OneLogin named a "Best Place to Work" by Glassdoor.[19]
- January 2016: OneLogin ranked 28th on Deloitte’s Technology Fast 500.[20]
- March 2016: OneLogin named to the "Fast 50" privately held Internet security, networking, and storage companies by JMP Securities LLC.[21]
- April 2016: OneLogin named one of Fortune's Top 25 Workplaces in the Bay Area - SMB[22]
- July 2017: Gartner Peer Insights ranks OneLogin #1 among Access Management providers.
- August 2018: OneLogin makes the Constellation ShortList for Cloud Identity Management vendors.[23]
- September 2018: OneLogin featured with a 4.6 rating in Gartner's peer insights Reviews for Access Management.[24]
Availability
OneLogin runs in multiple Amazon Web Services (AWS) datacenters in the US, as well as in AWS Dublin and AWS Frankfurt.[25]
Security
In August 2016, OneLogin reported that "an unauthorised user gained access to one of our standalone systems, which we use for log storage and analytics." The single user accessed the service for a month or more, and may have been able to see Secure Notes unencrypted. To remediate, OneLogin fixed the cleartext logging bug, locked down access to the log management system, and reset passwords.[26]
OneLogin remained available and performant during the October 2016 attack on Dyn, a major provider of DNS services, which brought down many websites, including Spotify, Twitter, Reddit, and The New York Times, in part by using redundant DNS providers.[27]
On May 31, 2017, OneLogin detected and stopped unauthorized access in their US data region. According to a OneLogin blog post on the breach, "a threat actor used one of our AWS keys to gain access to our AWS platform via an API from an intermediate host with another, smaller service provider in the US."[28]
OneLogin staff detected the intrusion in seven hours, faster than Cisco's estimated industry average of 100–200 days to detect a breach and FireEye's 146 days to detect a breach, and slightly faster than Cisco's best median TTD of nine hours to discover security issues.[29] OneLogin staff stopped the intrusion within minutes, significantly faster than the industry average of 100–120 days[30] to remediate existing vulnerabilities.
References
- https://www.bizjournals.com/sanfrancisco/news/2019/01/10/bay-area-cybersecurity-company-lands-100-million.html
- Kepes, Ben. "From Copenhagen To The Valley - OneLogin's Journey". Forbes. Retrieved 4 December 2018.
- Kreizman, Gregg. "Magic Quadrant for Access Management, Worldwide". Gartner. Retrieved 4 December 2018.
- "OneLogin Connect19". Onelogin. Retrieved 10 August 2020.
- "OneLogin creates 30 jobs in Dublin in new EMEA HQ". 2019-12-04. Cite journal requires
|journal=
(help) - Askjær, Thomas Hvelplund (2019-01-19). "Brødre henter stor trecifret millioninvestering til californisk it-komet – har rejst mere end 1 milliard siden 2009". borsen.dk. Retrieved 2020-08-18.
- "(Press Release) OneLogin Appoints Venkat Sathyamurthy as Chief Product Officer". MarketWatch. 19 September 2018. Retrieved 4 December 2018.
- "(Press Release) OneLogin Appoints Brad Brooks as Chief Executive Officer". GlobeNewsWire. Retrieved 4 December 2018.
- "(Press Release) OneLogin Names Matt Hurley Vice President of Global Channels, Strategic Alliances and Professional Services". Silicon Valley Business Journal. 23 July 2018. Retrieved 4 December 2018.
- Brad Brooks (January 11, 2019). "SF cybersecurity company lands $100M in debt and equity deal". Silicon Valley Business Journal. Retrieved January 12, 2019.
- "Customers". OneLogin.com. Retrieved 4 December 2018.
- "OneLogin, Inc". CrunchBase. CrunchBase. Retrieved 4 December 2018.
- "(Press Release) OneLogin Enhances Its Cloud-Based IAM Solution for Enterprises With Hybrid On-Premise and Cloud Environments Through Acquisition of Cafesoft". MarketWired. 7 December 2015. Retrieved 4 December 2018.
- "(Press Release) OneLogin Acquires Portandi". OneLogin. OneLogin. Retrieved 4 December 2018.
- "OneLogin Signs Contract with Deutsche Telekom's T-Systems". Reuters. Vocus PRW Holdings, LLC. 28 September 2016. Retrieved 4 December 2018.
- "BRIEF-Onelogin acquires Sphere Secure Workspace to provide next-generation mobile application management for the enterprise". Reuters. Reuters. 9 November 2016. Retrieved 4 December 2018.
- "Why ThisData has Joined with OneLogin". OneLogin. OneLogin. Retrieved 4 December 2018.
- "(Press Release) OneLogin Receives Highest Score Among All Vendors in Current Offering Category". Onelogin. Forrester. Retrieved 4 December 2018.
- "(Press Release) Onelogin Awarded by Glassdoor: "Best Places to Work 2016"". OneLogin. OneLogin. Retrieved 4 December 2018.
- "(Press Release) OneLogin Ranked as Number 28th Fastest Growing Company in North America on Deloitte's 2015 Technology Fast 500(TM)". Yahoo! Finance. Yahoo!. 19 January 2016. Retrieved 4 December 2018.
- "(Press Release) OneLogin Named to JMP Securities Fast 50 List of Hottest Privately Held Companies". OneLogin. OneLogin. 28 March 2016. Retrieved 4 December 2018.
- "Bay Area News Group Top Workplaces 2016". issuu. issuu. 25 June 2016. Retrieved 4 December 2018.
- Wilson, Steve (29 August 2018). "Constellation ShortList™ Cloud Identity Management". Retrieved 4 December 2018.
- "Comparing OneLogin". Gartner. 19 September 2018. Retrieved 4 December 2018.
- "Building trust through transparency: New Availability Page". OneLogin. OneLogin. 28 January 2016. Retrieved 4 December 2018.
- "(Press Release) August 2016 Incident". OneLogin. OneLogin. Retrieved 4 December 2018.
- Milanovich, Dragan (25 October 2016). "How OneLogin maintained 100% uptime during the Dyn DDoS attack". OneLogin. OneLogin. Retrieved 4 December 2018.
- "(Press Release) May 31, 2017 Security Incident". OneLogin. OneLogin. Retrieved 4 December 2018.
- "Breach Detection by the Numbers: Days, Weeks or Years?". Infocyte. Infocyte. Retrieved 4 December 2018.
- Worth, Teresa (1 February 2018). "Why Endpoint Management Is Critical to Security Strategy". Security Intelligence. IBM. Retrieved 5 December 2018.