Dropbox For Business Adds Single Sign-On For Easy Access

Dropbox, in the face of massive competition in the enterprise space, has launched a version of its cloud file-sharing software specifically aimed at businesses.

While Dropbox is widely used in businesses, it has been criticised for its security credentials. It’s no surprise that the biggest sell of Dropbox for Business, formerly “Dropbox for Teams” is a security feature: single sign-on (SSO).

Secure enough?

“SSO works behind the scenes to let users sign in just once to a central identity provider, like Active Directory, and securely access all their business apps, like Dropbox. With SSO, companies can put their existing trusted identity provider in charge of the authentication process,” Dropbox said in a blog post.

“For users, SSO means ease — one fewer password to remember and one fewer step to get to your work. Once logged in to your system, there’s no need to sign in to Dropbox separately. For IT admins, SSO means additional security and administrative management. Single sign-on gives you complete ownership of the authentication process and works with your company’s existing password policies,” the blog’s author wrote.

The SSO feature will land next month, provided by a host of companies, including Ping Identity, Okta, OneLogin, Centrify and Symplified.

SSO, while great for IT and users, can be exploited by hackers. A year ago, researchers discovered flaws in the way certain SSO systems were being run. Problems lay in the communication between the service itself and the identity provider – if there are weaknesses in that link, attackers can pick up certifying tokens or make changes to queries, and ultimately pretend to be valid users.

This first appeared as two stories on TechWeekEurope UK. Read the whole story here.