Best SSO Services for Cloud Storage

A single-sign-on service, or SSO, lets users log into multiple web applications using the same password, regardless of what developer those applications were built by. Simply put, it’s all about simplicity, and in this article, we’re going to tackle the best SSO services for cloud storage.

The fewer passwords business employees have to remember, the less often they’ll get locked out of systems, including cloud storage systems like those detailed in our best EFSS guide. Of course, one might suppose that the fewer passwords a would-be cyber thief has to steal, the more easily they can wreak havoc on your livelihood.

However, from a security standpoint, ultimately unified access management means tighter control over your systems than juggling multiple different passwords.

In the event of a potential breach, such SSO services let you change the access credentials to multiple systems at once, which is a huge advantage. Moreover, with fewer passwords to remember, your workforce might be less tempted to use weaker passwords like “pasword123” or “ih8myjob.”

Before we get to our list of the best SSO services, let’s review some specific features designed to make password management easier and more secure than we considered when putting it together.

What Makes the Best SSO Service for Cloud Storage

One of the most important things to look for when choosing an SSO service is to make sure it supports all the web applications used by your business whether hosted on-premise or remotely.

For this article, we first looked for support of cloud storage services designed for businesses, commonly called enterprise file sync and share services. Those services include Dropbox Business, Egnyte Connect, Box Business and many other options. (Read our Egnyte Connect review to find out why we think it’s the best of the bunch).

We considered other applications, too, of course, including HR systems, communication tools and CMS platforms.

After application support, we looked at two aspects in particular: ease of use and security. For ease of use, we looked at the end user and admin experience. For the latter, we were primarily concerned with user management.

When it comes to security, there are two things that any good SSO service should offer: control over password policies and multi-factor authentication (MFA).

Password policy controls let your admin team dictate the rules for creating passwords, such as the length and inclusion of special characters. More difficult passwords are harder to brute-force crack, meaning cybercriminals will have a tougher time getting at your business data.

Multi-factor authentication, sometimes called two-factor authentication, helps ensure that if a password does get stolen, it’s much harder to use.

The key feature of multi-factor authentication is that if someone tries to login using your credentials on an unfamiliar machine, additional credentials are required, usually in the form of a security code sent to your mobile device. Finally, we also took value into account, looking at both cost per user and scalability.

Now that we have our criteria laid out, let’s get to our picks for best SSO for cloud storage, starting with our top choice, OneLogin.

Best SSO Service for Cloud Storage: OneLogin

OneLogin probably ranks as the most recognizable name in the SSO field and that reputation is mostly deserved. There’s very little work involved in setting up OneLogin because it comes with over 5,000 web applications preconfigured to work. If an app isn’t included, OneLogin has a process in place to request its addition.

Among those web applications are many cloud storage options, including our favorite pick for medium and large businesses, Egnyte Connect. You’ll also find Dropbox, Box, G Suite and OneDrive.

Other apps of note include GitHub, Slack, Salesforce, GoToMeeting, Taleo and WordPress. Our favorite web-based accounting tool, QuickBooks, and our favorite note-taking app, Evernote, are also supported. (Read our Quickbooks Online review or Evernote review).

The OneLogin sign-in portal is easy to use and available for desktops and smartphones. For assisting admin efforts, the service provides a “unified directory” feature via its web interface, which syncs information from multiple employee directory tools (Workday, Active Directory, G Suite, etc) in near real-time.

Real-time user provisioning is supported, too, helping to automate the onboarding and offboarding process to reduce the chance for errors that could jeopardize your company’s intellectual property. You can define access options based on several different employee attributes, such as department, title, role and location.

Vitally, OneLogin lets you define your own password policies. Policy options include password length, complexity, restrictions on password reuse, session timeouts and self-service options for password resets.

Multi-factor authentication is also supported. OneLogin has its own authenticator called OneLogin Protect, which works with Android and iOS. Alternatively, you can use one of several supported authenticators, including Duo Security, RSA SecurID and Google Authenticator. Read our full OneLogin review for more.

Other Reasons We Like OneLogin

While meant for businesses, OneLogin has a free plan that works fine for home use, too. You can connect up to three web apps using this plan. Beyond that, OneLogin has three different business plans with different costs per user and minimum required users: Starter, Enterprise and Unlimited.

OneLogin Starter requires at least 25 users but only costs $2 per user per month. Like the free plan, however, it doesn’t include multi-factor authentication or policy-driven password rules, so if security is a must, you’ll want to spend on the Enterprise edition, which costs twice as much per user but only requires 10 to get started.

Overall, the cost of OneLogin is easily overshadowed by the benefits you recieve. You can even white label the client with custom branding on the desktop and mobile login apps to highlight your business.

Okta

Okta SSO provides most of the benefits you’ll get with OneLogin, so it’s fair to really call it a 1A rather than second place finisher. Included in its web-application lineup are over 5,500 offerings, according to the Okta website.

Dropbox, G Suite, Box and Egnyte are included among the cloud storage offerings. Slack, Office 365, Salesforce and Zendesk highlight some non-cloud storage integrations. Okta also integrates with multiple HR systems to help with onboarding and offboarding, including Workday, bambooHR and SAP SuccessFactors.

Okta can also be integrated into any modern API in case your web app isn’t supported, such as if it’s an in-house tool. In fact, the entire experience is highly customizable. You can arrange app links however you want, create tabs and set notifications.

Like OneLogin, Okta lets you customize password-creation rules, too, in order to decrease the likelihood of weak passwords. You can also customize policies for specific groups and monitor password security with real-time logging and a built-in event viewer.

Okta can be used to maintain a cloud-based directory of your employee base to quickly set and manage user attributes, in addition to automating user onboarding.

Other Reasons We Like Okta

You can give Okta a try for your business with 30 days of free use. Unlike OneLogin, there are no minimum user requirements for subscribing, either. A basic SSO plan costs $2 per user per month, while there’s also an “Adaptive SSO” plan for $5 per user. Adaptive SSO includes additional contextual asset management features, such as location or device-based rules.

Neither SSO plan includes multi-factor authentication. For that, you’ll need to add an additional one dollar to the per-user cost. The universal directory feature also costs an additional dollar per user.

Egnyte Review

Visit Egnyte

JumpCloud

Like our previous two picks, JumpCloud provides an online directory for managing your user base. In fact, it primarily bills itself as a directory-as-a-service (DaaS) tool to replace Microsoft Active Directory. Using JumpCloud, you can quickly provide or remove access to various applications and networks.

You can also create groups to manage multiple users at once. Access can be automated based on role, too, and JumpCloud supports both password policies and multi-factor authentication.

This SSO service also supports quite a few web applications, although not nearly as many as OneLogin or Okta. Still, most major cloud storage for business tools are included, in addition to many other SaaS offerings.

Why Else We Like JumpCloud

JumpCloud has a free version like OneLogin and Okta. However, unlike those two tools, its free version is fully functional. The only restrictions are that the free version comes with very limited technical support and can only be used for up to ten employees. However, for a small business on a budget, it can’t really be beaten.

For those with more than 10 users, however, JumpCloud gets expensive. Each user beyond 10 will cost $7.50 each, double or more the cost of our top two SSO picks.

Microsoft Azure Active Directory

To be fair, Active Directory is much more than an SSO service. It provides pretty comprehensive management of employee identities all around. As a tool developed by Microsoft, it should come as no surprise that it also works best with Microsoft products, particularly Office 365.

Beyond that, Azure AD’s usefulness is a bit more limited, which is a big reason why it landed fourth on our list. Still, it works with Egnyte Connect, Dropbox Business, Box Business and multiple Google apps, so we decided it still warrants mention.

For those businesses primarily interested in Azure and Office 365 management, it’s also tough to beat. You can easily control user permissions and even build custom roles to control access. You can also build a self-service user portal so that your employee base can reset their own passwords and enable multi-factor authentication.

Why Else We Like Microsoft Azure Active Directory

While more commonly an enterprise product, favored by businesses with over 1,000 employees, Azure AD can be used by smaller businesses as well.

There’s a free plan called Azure Active Directory Free and $1 per user version called Azure Active Directory Basic. Basic can be used for up to ten apps, after which you’ll need to upgrade to the more expensive Premium plan, which will set you back $4 per user per month.

Egnyte Review

Visit Egnyte

CA SSO

CA SSO rounds our top five list. It’s a flexible, secure and generally easy-to-use single sign-on solution that will appeal to businesses both small and large.

Most importantly, it supports all major cloud storage tools and other critical web-based apps favored by businesses. That includes Dropbox, Egnyte and other options we’ve mentioned previously in this article as being particularly good file-hosting solutions for businesses.

CA SSO supports password-policy creation, though it doesn’t strike us as being quite as flexible as OneLogin or Okta. In fact, CA SSO can be a bit hard to use at times, an issue compounded by poor documentation, overall.

For example, multi-factor authentication isn’t available out-of-box for CA SSO. You can configure it, however, if you’re willing to build a custom authentication scheme. That means more work, but we still like the product overall for tech-minded businesses.

Costs for CA SSO can be expensive and you’ll need to contact sales to work that part out, which is another annoyance.

Why Else We Like CA SSO

CA SSO has a few related products to help manage your employee base. Those include CA Directory and CA Authentication. While support documentation can be sparse, CA SSO has a strong user community that should help smooth the implementation process some.

Egnyte Review

Visit Egnyte

Honorable Mention

There are many more SSO options out there we didn’t mention that, for some users, will likely be better options than Microsoft Azure AD or CS SSO, at least. Some important names include SAP Single Sign-on, Centrify Identity Service and Ping Identity.

There are also some password-management tools that, while not technically SSO, can work as such for your business. The best of that bunch is LastPass, which uses multiple passwords but also relies on a single master password to manage all of those.

LastPass has business pricing that might work for very small businesses, costing just $4 per month for six users. Business pricing is available, too, with LastPass Team costing $2.42 for five to 50 users and LastPass Enterprise costing $4 per user, with a minimum of five. Read our article on how to store passwords in the cloud for more information.

Final Thoughts

Password management is one of the most critical information technology tasks in business today, particularly as more data gets shifted to the cloud. SSO services not only make the lives of employees easier, but also decrease the chance that a weak or stolen password can lead to serious damage to your business.

Our top two choices are OneLogin and Okta, with a slight preference for the former. However, there are many capable solutions available and very little separating them in terms of features and cost. Your best bet is to take advantage of free trials to find the tool that works for your needs.

Feel free to share your own insights on SSO tools that work (or don’t) in the comments below and thanks for reading.