If you're on a Galaxy Fold, consider unfolding your phone or viewing it in full screen to best optimize your experience.
OneLogin's automated identity management software increases network security and reduces low-level IT help desk support requests. Its entry-level price point also lets you add sign-on (SSO) and multi-factor authentication (MFA) technology without breaking the bank.
You employ multiple types of security to protect your physical inventory and must do the same for your business's enterprise network and data.
Every login screen on each device connected to your network is a potential intrusion point for hackers, and you can't rely on employee-generated passwords such as 1234567 or password to keep your digital assets safe.
OneLogin is a leading identity management software provider. We'll take a close look at its features, pricing, strengths, and weaknesses, so you can decide if it's the right fit for your small business.
Founded in 2010, OneLogin supplies cloud-based identity and access management (IAM) solutions, including single sign-on (SSO) and multi-factor authentication (MFA) for endpoint security. It also provides a unified access management platform for enterprise-level businesses and organizations.
More than 2,500 companies, including Airbus, Tesco, and Zoes Kitchen, use OneLogin, but its pricing schedule makes it affordable for smaller companies.
OneLogin security has separate product suites for workforce and customer identity management. In this review, we'll focus on its workforce applications, which include:
Let's begin with a closer look at OneLogin's SSO and MFA and their reporting features.
SSO allows users to log in once to the OneLogin interface and directly access third-party applications such as Gmail, Slack, and Salesforce in the cloud or behind a company firewall.
Users save time because they are not required to log into multiple accounts every day, and network security is increased because you can customize password policies with required length, complexity, and session timeouts.
Account admins have multiple options when adding and configuring apps from OneLogin's catalog:
Once your user portal is set up and populated with apps, employees can access them after logging in.
You can choose from more than 6,000 pre-integrated applications, but if you use one that's not in its catalog, the OneLogin custom connector feature adds it to your user portal.
All passwords can be cracked; it's only a matter of computational power and time. MFA addresses this issue by requiring more identification factors such as answering a security question, sending a one-time password (OTP) to your phone, or using a fingerprint.
OneLogin MFA protects against multiple attack types:
Even if attackers have login credentials, secondary authentication factors prevent them from accessing your company's network and data.
The free OneLogin Protect app for iOS and Android devices provides seamless MFA, including OTPs.
Your network's security is critical, and IAM reports provide valuable information, especially if you have a network security operations center to help prevent cyberattacks.
OneLogin's centralized records for user management and login activity let you examine users, apps, and events using its standard reports or ones you've customized.
OneLogin has four report types:
Another useful feature at OneLogin's website is its network status information, which is updated daily. The screenshot below is for U.S. network performance, but you can see the same information for Europe, too.
OneLogin is known for the security of its network, which has remained operational during wide-scale distributed denial of service attacks, and for discovering intrusions within hours instead of the more common time frame of weeks or months.
As your company grows, information technology (IT) techs inevitably spend more time on creating new passwords, resetting passwords, and solving related issues.
OneLogin's password management automation results in fewer password-related help desk tickets, which leads to improved employee productivity and increased IT department efficiency.
The biggest issue on the IT side was third-party apps not being updated as soon as their vendors changed configurations, but with more than 6,000 apps in the OneLogin catalog, this is not unexpected.
Users like OneLogin's clean SSO interface and the ability to access multiple company-wide applications. Adding apps and logins via the web browser extension is also handy.
The best IAM software should be invisible, allowing users to securely access the applications they need without any undue thought about how they got there. The majority of OneLogin users report that this is their experience.
The biggest complaint most users report is repeatedly logging in after sessions time out. However, this illustrates a different issue -- the too common lack of communication between IT departments and users.
As per the screenshot below, your company's account administrators, not OneLogin, choose the session timeout settings, which include a no timeout option.
All IAM software impacts the user experience -- added authentication factors, the need for mobile apps to receive OTPs -- and nobody wants more hoops to jump through to do their job. Educating users about how and why your company is using OneLogin is critical to achieve company-wide buy-in.
OneLogin's pricing has three plans:
Quarterly subscriptions get a 5% discount, and annual subscriptions get 10%. A 30-day free trial of the Enterprise plan is available. The OnePlus support package comes with all plans; OnePrime and OneVIP cost extra.
OneLogin offers three support packages:
OnePlus support is included with all plans. OnePrime and OneVIP cost extra, but no pricing information is available at OneLogin's website.
Online support options include:
The OneLogin blog provides the newest information on topics, including products and technology, security and compliance, and other company news.
While SSO and MFA are the backbone of OneLogin's IAM software, extra benefits come from related add-ons and features. We'll take a look at three of them below: the Portal mobile app, browser extensions, and SmartFactor authentication.
When you and your employees are on the go, use OneLogin's free Portal app for iOS and Android devices to log into your account and access your apps.
The OneLogin Portal app features include:
The app was recently redesigned and now automatically fills form-based application logins.
While the OneLogin desktop portal is easy to use, your employees may not want to return to it during the day to access different applications. They won't have to when they use the OneLogin extensions for Chrome, Safari, Internet Explorer, Firefox, and Edge browsers.
Some apps require you to use the browser extension because their integration is via form-filling.
The browser extension's functionality includes:
The extension also has an Add App dialog box that appears when it detects a login page for an app not in your OneLogin portal.
The browser extension is safe to use on any computer because it doesn't save passwords locally on a user's computer.
Standard MFA tools use inflexible rules for logins, but these can diminish the user experience if applied too rigidly.
For example, I worked at a college where every time I logged into its email system -- even if I was using the desktop computer in my campus office -- I had to enter a OTP sent to my phone. It wasn't the end of the world, but it was an ongoing hassle.
OneLogin's SmartFactor Authentication uses an artificial intelligence (AI) risk engine that calculates a risk score to determine the best adaptive authentication security factors to apply to each login.
SmartFactor Authentication factors include:
If my old college had used adaptive authentication, someone attempting to log into my school email account outside of the U.S. or from an unrecognized device would have triggered MFA, but I could have logged in from my campus office with only my password.
OneLogin has the same standard features -- SSO, MFA, mobile apps, and browser extensions -- as other major IAM players, so it's not breaking any new ground. The biggest draw is the Starter plan's pricing: a total of $50/month for 25 users.
If you're new to this technology, you can get your feet wet and figure out how it works without a burdensome financial commitment.
Free Plan | Phone Support | Monthly Billing | Mobile App | |
---|---|---|---|---|
OneLogin | ||||
##PRODUCT-LINK-google-cloud-identity## | ||||
##PRODUCT-LINK-lastpass-for-business## | ||||
##PRODUCT-LINK-okta## | ||||
##PRODUCT-LINK-azure-active-directory## |
OneLogin's functionality is suitable for large corporations, but its multiple subscription plans also make it affordable for small businesses.
International customers include European aircraft manufacturer Airbus and U.K. supermarket chain Tesco, while the Cleveland Institute of Art and Vermont Teddy Bear are U.S. clients.
OneLogin's three subscription plans range from $2/month per user to $8/month per user. The lowest level Starter plan requires a minimum of 25 user licenses, while the top-level Unlimited plan only requires a minimum of five users. Support packages beyond the standard OnePlus plan cost extra.
All OneLogin plans include OnePlus support with 12/5 phone and online customer service. The OnePrime and OneVIP packages have 24-hour support, periodic technical reviews, and customer success managers.
Self-service resources include a knowledge base, technical documentation, community support, and on-demand and live webinars.
We're firm believers in the Golden Rule, which is why editorial opinions are ours alone and have not been previously reviewed, approved, or endorsed by included advertisers. The Ascent, a Motley Fool service, does not cover all offers on the market. The Ascent has a dedicated team of editors and analysts focused on personal finance, and they follow the same set of publishing standards and editorial integrity while maintaining professional separation from the analysts and editors on other Motley Fool brands.