OneLogin by One Identity Reviews

We used single sign-on, multifactor authentication, lifecycle management, and connectors.

When we rolled it out, adoption was very quick. We migrated our email and other things to OneLogin, so adoption was very quick. The gateway became OneLogin, so if you wanted to get your email or anything else, you had to go through OneLogin to get it. It was quick and easy once we turned things on. Even the engineer who assisted us was very helpful. Once we turned it on, the users seamlessly started using OneLogin. They were redirected every time from others, and that ensured that there were no loopholes in what we were implementing.

We had a single pane of glass for access management across the organization, but the caveat is that for managing users provisioning and deprovisioning, apps have to support that feature. This single pane of glass was very important because we eliminated ghost accounts that were not being used. We had no idea about them. After implementing OneLogin, when a user left, the deletion used to happen everywhere, so the licensing cost and all those things came down. Audit logs came in one place, so we had all the control. That improved our visibility a lot.

The single pane of glass for access management enabled collaborative work between IT and Security. It simplified a lot of information for Security, and for IT, it simplified their setup process. For example, they would set up automatic provisions for emails, security training, etc. They would then just set up the user on OneLogin, and automatic provisioning would be done for them. When a user left, the user was removed automatically. That cleaned up things for us and improved processes.

OneLogin 100% helped to free up time for our IT team. The main work we did was setting up automatic provisioning. We reduced our time from five to ten minutes in creating a user to doing it in an instance. For example, creating a user and assigning it on OneLogin to a department, such as IT, automatically moved them to groups and email groups on Gmail. That was no longer manual. They were just writing out the information that was given, and in the backend, it got mapped correctly to what was needed. That saved time for us.

OneLogin enabled us to securely manage a growing user base or more applications with a smaller IT staff. After implementing OneLogin, we just had to work on one main platform. We did not fully need administrators for other systems.

We worked in a hybrid environment. Because OneLogin was available everywhere, it improved the user experience when working remotely. It was a secure way to get to applications. They went through the OneLogin system to get to their apps. However, when everything is under a single pane of glass, there is a risk. If one user gets breached, we have a problem there. For example, I am an administrator, and my account can be breached. The mitigation would be setting up MFA. We needed to put such checks and balances.

We use OneLogin for single sign-on to provide a consistent user experience with our in-house and external third-party applications. In addition to single sign-on, we use two additional modules: two-factor authentication and self-service password reset. It's a SaaS product.

Previously, users constantly had to log in with their user ID and password. It was the same user ID and password for all these applications, but they had to authenticate when they used all the applications they needed to use daily, whether they were an employee or a student. They would authenticate into one application and bounce over to the next to log in again. That's a huge benefit that the organization is leveraging with OneLogin.

The other benefit is that we've reduced calls to our help desk for password resets. Staff and students can now reset their passwords using their enrolled two-factor device as the authentication mechanism. In the past, we were using secret questions through a self-service portal. Inevitably, they would forget their answers or type them wrong. It just wasn't user-friendly. 

We're always onboarding new students, and we can set a default profile. Each student has access to a default set of applications, but when they enroll in a class, they might get access to other applications. They're active students, and all that is happening dynamically. We use data feeds from our student integration system to determine student roles and access to applications. We don't need to do that manually. OneLogin can set up those mappings for us automatically based on their enrollment.

It helped us manage our growing user base because we can use data from our SIS and HR platform to drive secure access to applications. Before this, we didn't have the capability. Either everybody got it, or we had to provide access through a request to our service desk manually. I won't say these requests have been eliminated. Still, they have been drastically reduced because we can pull that data feed from those two record systems to provide some access, reducing the workload on the systems and the security team.

With OneLogin, we use the same validator as our login: an authenticator application or a text message. That same two-factor authenticator is used for the password reset. We've significantly reduced the number of trouble tickets and tier-one service desk calls because everyone can reset their own password.

The adoption rate is high because we don't give users a choice. When we add new applications to our portfolio, IT is part of the process on the procurement side. When reviewing a request for an application, one of the first features we look at is the single sign-on capabilities. Do they do SAML? Do they do open ID?

We approve the purchase if all those features check out because we can connect third-party applications for single sign-on. IT is part of the first step. They don't get a choice on the front end of it. IT ensures the application can meet the requirements. We protect that app with two-factor authentication.

We allow a little flexibility on user enrollment in 2FA. It requires some custom development work to make this happen because the functionality isn't native to OneLogin, but we allow a grace period for students to enroll. We didn't want to force enrollment on them right out of the gate. Brand new accounts are required to enroll. We wanted to prompt them, "Hey, here's what you need to do. You need to enroll in two-factor authentication. You have 30 days to enroll in it. Here's a tutorial telling you how you enroll." They can enroll at their leisure.

After 30 days, you don't get any more opportunities. You're forced to enroll. You can't log into any system until you've enrolled in two-factor authentication. We force it on them, but we give them a little time to ensure they have an appropriate device and they've read through the knowledge base to learn how to do it. 

Before OneLogin, we had some SSO in place. It was all custom-developed integrations by our in-house developers, but it was never the same. We had a custom SSO for each vendor. By adopting OneLogin, we could reduce the development time. It's not the developers' job anymore. That responsibility shifted to my systems integration team. It reduced the manual effort needed to provide a single sign-on experience. Now we have a true single sign-on experience with few onboarding requirements for connecting to third-party applications with OneLogin because it uses a standard like SAML or Open ID.

These days, more students and staff are working remotely. They still have the same experience they had on campus, but we're protecting their accounts with 2FA. The world was told to work from home at the pandemic's start. We didn't have two-factor before that, so COVID was a significant factor driving the push to make this mandatory for all our staff.

We do not control the network they're on, but we see authentications happening all over the place. People weren't just staying in their city anymore. They traveled to some extent after restrictions were removed and logged in from all over the country. How do we validate that these accounts weren't compromised? The two-factor helped the security side to ensure these authentications are legitimate. At the same time, they provided a secure environment for telecommuting. They won't be denied access to those systems because their account was compromised.

I believe we've saved money, but I'm not sure I can quantify it. In August, we'll review our help desk tickets for password resets. That's one area where I think we'll save money because our calls have decreased. I don't know how much they've declined, but our call volume should be down.

We can also review our application use through the OneLogin portal, which could save us some money on under-utilized licenses. For example, we might have 100 licenses for an application, but only 25 users access it annually. It gives us the data on who's using the application and how frequently to help us make these decisions. That said, we don't have that data yet to quantify how much we're saving, but we will review it after using the platform for a couple of years. As the contracts start coming up for renewal, we can use that data from OneLogin to renegotiate better contracts with vendors.

We use it to deliver single sign-on services for both our company employees and our customers.

The main advantage is its ease of use for everyday users. Additionally, it simplifies user access management by offering a centralized platform for overseeing user accounts and third-party applications, which greatly benefits my team.

The adoption rate of OneLogin within our organization is at 100% since it's mandatory for everyone to use. During the rollout phase, there was unanimous approval and no resistance from any team members.

It serves as a vital tool for access management across our organization by offering a centralized platform. While we don't directly manage user accounts within OneLogin, they are synced from our Active Directory. Therefore, OneLogin primarily functions as a single interface for administering applications that utilize it for authentication.

OneLogin has been instrumental in freeing up time for our IT team to focus on other tasks. Previously, when onboarding a new user, we had to manually create accounts in multiple applications. However, with OneLogin, we create the account in our Active Directory, which automatically syncs to OneLogin and creates accounts in other applications. Similarly, when offboarding a user, we disable the account in OneLogin, and access to all other resources is automatically revoked. This streamlined process has significantly reduced the time required to manage user accounts. Previously, manual account creation across various platforms would take at least half an hour, whereas now it's down to just five or ten minutes.

It has empowered us to effectively manage an expanding user base and an increasing number of applications, all with a smaller IT team.

The implementation of OneLogin didn't significantly impact our user experience while working remotely. We adopted OneLogin during the transition to a remote work environment at the onset of the pandemic.

It contributed to cost savings for our organization by streamlining time-sensitive processes and boosting productivity, particularly for our IT staff. While we may not have a precise quantification in terms of monetary value, the time saved allows our team to focus on other tasks. As a relatively small organization, we don't require a dedicated Identity Manager, and OneLogin effectively serves our needs in this regard.

Our goal was to eliminate our on-site Active Directory and legacy Windows infrastructure since we operate solely on Macs. We considered two options: one that precisely aligned with our needs, and another that functioned more like a public solution. Ultimately, I chose OneLogin due to its enterprise-grade features and the professionalism of its representatives. It provided a seamless transition to the cloud, consolidating all our access needs onto a single platform.

Since implementing OneLogin, managing user accounts has become significantly streamlined. We no longer need to create and delete four separate accounts for each new user – a major advantage for an international school like ours, where student and staff turnover can be dramatic. In August, we might see 50 new students, while 30 may leave in October. Managing individual accounts across every platform was time-consuming, hindering our ability to improve workflows and automate processes. OneLogin simplifies this task, making user management faster, easier, and significantly more productive.

Many users forget their passwords, especially after an extended break like a three-day weekend. This leads to frequent password resets in less tech-savvy organizations. To simplify this process, we rely on OneLogin. With a single password reset, users can regain access to all their applications, making it significantly easier for them. Initially, there was some resistance from IT staff, but the convenience of one password won them over. Now, with macOS's desktop Single Sign-On, we're leveraging OneLogin even further. We use it to authenticate users to the radio server, lab machines, and shared workstations, and the upcoming Mac desktop SSO will streamline direct logins to individual Macs as well.

OneLogin provides a single pane of glass for most of our needs. It functions like a dashboard, giving me all the key metrics I need to see, such as the number of logins attempted and the number of failures. This allows me to quickly identify trends, like increased failures during holidays, and understand the reason behind them. Additionally, OneLogin offers the potential to integrate more frequently used apps and generate valuable reports. While it doesn't provide complete visibility due to the inherent privacy features of Macs, it covers the majority of our login activity. For deeper insights and troubleshooting Mac-specific login issues, I do need to utilize the Mac management tools directly.

The single pane of access management facilitates collaboration between IT and security, even when, as in my case, those roles are combined. The granular control allows us to tailor user access to the system's functionalities based on the specific needs and workloads of both IT and security personnel, enabling the creation of different user groups with varying levels of access.

OneLogin has saved us a tremendous amount of time, especially in account management. Creating and deleting accounts no longer eats up half my day. I used to spend countless hours on the phone and manually handling these tasks, but now it's a breeze. The workload has drastically reduced, and the process is incredibly streamlined. I simply create a user, and everything else takes care of itself automatically, from licensing to configuration. It's that simple!

During the COVID pandemic, we had a surge in remote workers. Provisioning accounts for essential tools like Teams became cumbersome. To streamline the process, we started to implement automation for Office 365 through OneLogin. This automatically created accounts in Azure, eliminating the need for manual account creation. Onboarding new users into various applications became quick and efficient. Instead of assigning licenses individually, a single organizational setup granted licenses to all 650 users instantly. This streamlined approach saved us considerable time and effort.

As a non-profit organization, our focus isn't on generating or saving money for ourselves. However, in terms of regular expenditures, including capital expenditures, we've seen significant cost reductions since switching to OneLogin. This is primarily due to eliminating our former Windows infrastructure, including legacy servers and associated maintenance requirements. We no longer need to hold spare parts on-site or staff a large IT department to manage and operate these systems. Overall, OneLogin has contributed to substantial year-over-year savings within our budget.

We use OneLogin to log in to all our different systems. This means I only need to go to the OneLogin portal to access all my frequently used applications, like our CRM, Greenhouse for recruiting, Jira for ticketing, Workday for HR, Tableau for data visualization, and even Slack. It's a one-stop shop for everything I need!

The main benefit of OneLogin is its centralized design, offering easy access to everything in one place.

All of our employees use OneLogin daily to log into their applications.

OneLogin offers a centralized platform for managing access across our entire organization, which is crucial for cybersecurity. It provides robust security features that give me peace of mind, knowing that data transfers are highly secure and unauthorized access to our databases is extremely unlikely.

The single pane of glass enables collaborative work between holistic IT and security.

OneLogin has helped our IT team significantly improve their efficiency by creating a centralized platform. This eliminates the need to access information from multiple portals, saving over 50 percent of their time.

OneLogin has improved the user experience when working remotely.

OneLogin has helped increase productivity.  

We use OneLogin by One Identity to provide SAML authentication and single sign-on for all of our SaaS apps.

OneLogin by One Identity helps us onboard new users really quickly and get everything up to speed super fast. It has helped free up about half of our time through its automation features.

We use it primarily as an identity provider. Beyond that, we use the SSO and SAML components. Additionally, we utilize their SmartFactor Authentication to prevent dictionary attacks. This is an additional security measure.

We needed the solution primarily as an identity provider. We needed something that was cloud-based and not Microsoft-based. We were primarily Mac users and still are to a large degree.

It has helped with compliance and instituted a security measure that isn't very common with other solutions, at least not that I've seen, like putting MFA or second-factor authentication before the password prevents dictionary attacks. Dictionary attacks are when people try to access a given site, whether we SSO or SAML to it or directly to OneLogin itself to gain access to any of the company services. Putting MFA first prevents people or external threat actors from trying to get someone's password and getting access that way. They need that second authentication before they can even type in their passwords.

We use this solution predominantly as our authentication provider for most or all SAML single sign-on services. We also use it as a tool to share passwords between users that need to have a centralized password database.

They are the authentication provider but we use it for multifactor authentication as well.

The service we use is where the users are on-premise with the network, then they bypass any single sign-on features. It just logs in.

We have six locations that are all connected by WAN VPN tunnels. Active Directory is being used to replicate the user accounts, and that replicates up to both Mircosoft, which is our primary single sign-on solution, and then to OneLogin. We use Microsoft for email, SharePoint, etc., and we use OneLogin as the authentication provider currently for that.

This product has removed barriers for users to log into multiple services, so it provides a better user experience.

Although this solution hasn't meant a reduction in the number of IT staff, it's provided easier management capabilities for them.