Dropbox, in the face of massive competition in the enterprise space, has launched a version of its cloud file-sharing software specifically aimed at businesses.
Whilst Dropbox is widely used in businesses, it has been criticised for its security credentials. It’s no surprise then that the biggest sell of Dropbox for Business, formerly Dropbox for Teams” is a security feature – single sign-on (SSO).
“For users, SSO means ease — one fewer password to remember and one fewer step to get to your work. Once logged in to your system, there’s no need to sign in to Dropbox separately.
“For IT admins, SSO means additional security and administrative management. Single sign-on gives you complete ownership of the authentication process and works with your company’s existing password policies.”
The SSO feature will land next month, provided by a host of companies, including Ping Identity, Okta, OneLogin, Centrify and Symplified.
SSO, whilst great for IT and users, can be exploited by hackers. A year ago, researchers discovered flaws in the way certain SSO systems were being run. Problems lay in the communication between the service itself and the identity provider – if there are weaknesses in that link, attackers can pick up certifying tokens or make changes to queries, and ultimately pretend to be valid users.
Dropbox has been facing up to much tougher competition in the business file-sharing space in recent times, with a slew of start-ups and seasoned players getting involved. Many have led with the claim they are producing “Dropbox for business”, something the file-sharing leader will no doubt be hoping to counter with its new brand.
Companies such as Box, which is in the process of an aggressive expansion in Europe, have sought to capitalise on security failures at Dropbox. In July last year, Dropbox said passwords stolen from other sites had been used to compromise accounts and send spam.
SSO could also be seen as an answer to other previous authentication problems at Dropbox. In summer 2011, a bug affecting the Dropbox auth mechanism could have allowed anyone to sign into accounts without the need for proper login credentials.
The company recently added two-factor authentication to shore up account security.
What do you know about Internet security? Find out with our quiz!
Fourth quarter results beat Wall Street expectations, as overall sales rise 6 percent, but EU…
Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…
Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…
Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…
Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…
Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…