OneLogin Announces Real-Time Offboarding for Workday to Mitigate Risk of Company Data Theft

Share Article

Workday customers can now instantly revoke former employee access to company applications, laptops, and networks

News Image
It’s not enough to move to the cloud. You have to secure the cloud.

OneLogin, the identity management provider bringing speed and integrity to the modern enterprise, today announced the immediate availability of Real-Time Offboarding for Workday. This new cloud service enables HR teams to instantly revoke user access to company applications, laptops, and WiFi networks, preventing recently departed employees from stealing company data.

Real-Time Offboarding addresses two challenges facing companies. First, due to a reliance on slow manual offboarding processes, half of all companies provide access to company IT resources for longer than a day, according to a recent study by OneLogin of 500 IT decision makers. This provides a window of time when a company’s data is accessible to recently deactivated users.

Second, this problem is growing in size. With average employee tenure down to four years, according to the US Bureau of Labor Statistics (BLS), a company staying at constant size sees 25 percent of their employees leave annually. Additionally, companies are increasingly using temporary contractors: the number of temporary workers in the US has nearly doubled, from 1.7 million in 2009 to 3.1 million in 2017, according to the Federal Reserve.

Once setup, Real-Time Offboarding automates the steps of terminating access to company IT resources. A Workday administrator, typically in a human resources department, marks a user as inactive. These changes are immediately pushed to OneLogin, which then takes the following steps:

1. Revokes the user’s access to its Single Sign-On Portal, preventing access to all company applications authenticated using SAML or OpenID Connect.
2. Deauthorizes the user’s access to any accounts on company laptops that are managed through OneLogin Desktop, protecting data stored on those laptops.
3. Revokes the user’s access to any company WiFi accounts managed through its Cloud RADIUS, preventing access to company networks.
4. Lists all automated changes, plus any outstanding manual steps required, are reflected in OneLogin Offboarding Checklist.
5. Any access attempts by former users are logged by OneLogin, then optionally streamed to security information and event management (SIEM) systems from Splunk, Elastic, or Sumo Logic for auditing purposes.

“It’s not enough to move to the cloud. You have to secure the cloud,” explained Alvaro Hoyos, chief information security officer, OneLogin. “With Real-Time Offboarding, Workday customers now have an instant kill switch to keep former employees from accessing company applications.”

OneLogin Real-Time Offboarding for Workday is available today to customers on OneLogin’s Unlimited plan.

To learn more about how to achieve more secure access to corporate applications, laptops, and networks, please visit For more information about the new research, contact onelogin(at)walkersands(dot)com.

Datasheet: OneLogin for Workday
Whitepaper: Workday-Driven Identity Management
Blog post: OneLogin Offboarding Checklist

About OneLogin, Inc.
OneLogin brings speed and integrity to the modern enterprise with an award-winning single sign-on (SSO) and cloud identity and access management (IAM) platform. Our portfolio of solutions secures connections across all users, all devices, and every application, helping enterprises drive new levels of business integrity, operational velocity, and team efficiency across all their cloud and on-premise applications. OneLogin manages and secures millions of identities around the globe. We are headquartered in San Francisco, California.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Rosie Gillam
Visit website