According to the results of a new survey on the adoption, use and security of cloud applications by cloud single sign-on vendor OneLogin, 78%, plan to increase the number of cloud apps in their organisations this year.
At the same time, 71% of respondents admit they are using cloud apps that have not been sanctioned by their IT departments. The data is part of the 2013 State of Cloud Application Access Survey conducted by OneLogin, in collaboration with security consultancy flyingpenguin, of 200 IT and business professionals within organisations of all sizes and industries.
"This survey demonstrated that 2013 will be a tipping point in cloud adoption," said Thomas Pedersen, CEO of OneLogin. "With enterprises rapidly turning to cloud apps, the inherent risks in practices like using unsanctioned apps or sharing passwords on sticky notes need to be addressed, and quickly."
Speaking to me last week, Pederson claimed there’s a big difference between OneLogin’s cloud-based approach to sign-on and that of more traditional on-premise security smarts from the likes of Novell and Sun Microsystems. "Our approach makes it far easier to connect to cloud apps through a single portal, centralise access control, and automate user access management in the cloud," he said.
OneLogin claims it manages the single sign-on needs of 11 million users at 650 customers, the largest roll-out – which is still underway – being for 6 million users of the RedHat.com community site.
In terms of future development Pederson said the firm is aiming to act as a complete replacement for Microsoft’s Active Directory for those companies that want it – today OneLogin can integrate with AD instead. He said the firm is also looking to offer more in the way of device-based authentication.
Asked how seriously a firm like OneLogin takes its own security measures and procedures to keep users’ data safe, Pederson said the firm conducts regular penetration testing, is constantly having its security audited by third parties, and has its security checked also by partners and customers on an ongoing basis.
OneLogin is venture capital backed and Pederson said the firm grew revenue 500% in the last 12 months, though as a privately-held firm it opts not to divulge total revenue.
Pederson said competition comes from the likes of Ping Identity, Simplified and Okta, though in his view only Okta is anywhere close when it comes to cloud-based SSO.
The survey also found that with access to cloud-based applications taking place from a variety of locations including smart phones (80%), tablets (71%) and non-company computers (80%) and with a large percentage of organisations (73%) needing to grant temporary access to cloud apps, respondents cited concerns around identity management, governance and complexity.