Onelogin readiness for GDPR

Onelogin Inc. is a leading vendor in Identity Management and Single Sign-on (SSO) that has also been named Best place to work. It has successfully made it easier for customers to access a trusted, more efficient and secure Identity and Access Management (IAM) platform in the cloud.


The San Francisco based company was officially launched in 2010 by two brothers, Thomas and Christian Pedersen and has progressively gained the trust of leading organisations globally. The brothers realised the niche while working for Zendesk and went ahead to solve it. It was ranked the best among Access Management providers by Gartner Peer Insights.


Onegin’s enterprise identity management perfects IAM through automated provisioning while securing access to cloud and on-premises applications through SSO for all types of devices. It has efficiently brought speed coupled with security for small-sized to large-sized businesses globally. With their identity management solutions, they deliver an all-encompassing administrative and self-service portal in hours to their clients. The system manages and secures millions of companies globally.

GDPR readiness.

The EU General Data Protection Regulation (GDPR) being one of the most critical changes in data regulation and this has not forgone by Onelogin. Onelogin is quick adopters of rules and frameworks that further strengthen the company’s and customers’ security including their privacy.

Onelogin is, therefore, working on significant areas, some of which will complete in 2018. These include:

  • Policies and processes

Taking a blank page approach, they recaptured items that might have previously overlooked in high-level diagrams. Through the strategy, they could build extremely detailed data mapping diagrams.

  • Contract language

The contract verbiage that needed straightening out included: data breach notification language, use sub-contractors and responsibility of data processors that were relevant to data controllers. Consequently, necessary changes made in their standard MSA and Data Processing Agreement.

  • Data Protection Officer (DPO)

For the company to meet GDPR requirements, they are leveraging an independent external leg counsel based in the EU to address the DPO requirement.

  • Trust

The company will go through a separate review around May 2018 that will eventually acquire them an official GDPR certification.

Leave a Reply

Your email address will not be published. Required fields are marked *