OneLogin grabs $25M to make sure bad guys can’t access your apps

The identity-management space is not showing any signs of slowing down as security startup OneLogin plans to announce Tuesday that it landed a $25 million series C investment round, bringing its total funding to $44 million.

This makes for another security minded startup that’s been attracting a lot of investor attention in recent months. Okta took in a $75 million funding round in June, Ping Identity grabbed $35 million in September and Sailpoint reportedly took in a funding round valued at roughly several hundred million dollars in August.

All of these startups are tackling the issue that today’s enterprises use a variety of cloud-based services, like or Box, and are having a hard time keeping track of who gets to log into what service. With large-scale hackings seemingly occurring each week (just ask Sony), companies also have to worry about whether attackers can access their corporate accounts using leaked emails or passwords they might have obtained from various data breaches, explained OneLogin CEO and founder Thomas Pedersen.

“In order to be cloud first, [companies] need to be identity first,” Pedersen said. “You can’t go into the cloud without an identity strategy.”

OneLogin mobile figure

OneLogin mobile figure

OneLogin’s cloud-based service can sync up with an organization’s active directory and have the pre-configured identity and management rules be passed on to the cloud, or they can go to OneLogin’s application catalog and choose the appropriate app that matches their respective cloud service. From there, IT admins can configure the access privileges of a particular app and make it possible that only users within a home country can access a Box account, for example.

The whole idea is to give users a single-sign on account for all of their cloud services as managed through OneLogin, which ensures that those without the right access privileges are unable to get into the cloud systems.

What separates a lot of these access-management focussed startups is their approach to securing mobile devices. Ping Identity, for example, recently rolled out a mobile app that essentially binds a mobile device to an organization’s network. OneLogin, on the other hand, “has been very focussed on standards” and wants to make sure that vendors are getting behind OneLogin’s preferred method of dealing with mobile access sign-ons, said Pedersen.

Scale Venture Partners drove the funding round along with previous investors Charles River Ventures and The Social+Capital Partnership. Rory O’Driscoll of Scale Venture Partners will join OneLogin’s board.