Dropbox For Business Lands With Single Sign-On

Dropbox, in the face of massive competition in the enterprise space, has launched a version of its cloud file-sharing software specifically aimed at businesses.

Whilst Dropbox is widely used in businesses, it has been criticised for its security credentials. It’s no surprise then that the biggest sell of Dropbox for Business, formerly Dropbox for Teams” is a security feature – single sign-on (SSO).

Dropbox security boost?

“SSO works behind the scenes to let users sign in just once to a central identity provider, like Active Directory, and securely access all their business apps, like Dropbox. With SSO, companies can put their existing trusted identity provider in charge of the authentication process,” Dropbox said in a blog post.

“For users, SSO means ease — one fewer password to remember and one fewer step to get to your work. Once logged in to your system, there’s no need to sign in to Dropbox separately.

“For IT admins, SSO means additional security and administrative management. Single sign-on gives you complete ownership of the authentication process and works with your company’s existing password policies.”

The SSO feature will land next month, provided by a host of companies, including Ping Identity, Okta, OneLogin, Centrify and Symplified.

SSO, whilst great for IT and users, can be exploited by hackers. A year ago, researchers discovered flaws in the way certain SSO systems were being run. Problems lay in the communication between the service itself and the identity provider – if there are weaknesses in that link, attackers can pick up certifying tokens or make changes to queries, and ultimately pretend to be valid users.

Dropbox has been facing up to much tougher competition in the business file-sharing space in recent times, with a slew of start-ups and seasoned players getting involved. Many have led with the claim they are producing “Dropbox for business”, something the file-sharing leader will no doubt be hoping to counter with its new brand.

Companies such as Box, which is in the process of an aggressive expansion in Europe, have sought to capitalise on security failures at Dropbox. In July last year, Dropbox said passwords stolen from other sites had been used to compromise accounts and send spam.

SSO could also be seen as an answer to other previous authentication problems at Dropbox. In summer 2011, a bug affecting the Dropbox auth mechanism could have allowed anyone to sign into accounts without the need for proper login credentials.

The company recently added two-factor authentication to shore up account security.

What do you know about Internet security? Find out with our quiz!

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Recent Posts

Apple, Google Mobile Ecosystems Should Be Investigated, CMA Told

CMA receives 'provisional recommendation' from independent inquiry that Apple,Google mobile ecosystem needs investigation

3 days ago

Australia Rejects Elon Musk Claim About Social Media Ban For Under-16s

Government minister flatly rejects Elon Musk's “unsurprising” allegation that Australian government seeks control of Internet…

3 days ago

Northvolt Files For Bankruptcy Protection In US

Northvolt files for Chapter 11 bankruptcy protection in the United States, and CEO and co-founder…

3 days ago

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

4 days ago

Former Policy Boss At X, Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

4 days ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

4 days ago