BetterCloud Raises Funds to Broaden Beyond Google Apps

I’ve previously covered BetterCloud, the New York based operation that provides administration functionality for Google Apps – they do some interesting things around delivering the features that enterprises need in order to use Google Appps – policy and compliance features, discovery, security analytics and the like. But I’ve always wondered about the flip side of being “all in” as an add-on partner to one single platform – it makes for a big target audience, but also increased risks in the event that the platform vendor decides to eat your lunch.

So it makes total sense that today BetterCloud is announcing an expansion of its service beyond Google Apps – BetterCloud is going to deliver enhanced IT management and security to, Zendesk and “others”. The BetterCloud Flash Panel product already features broad functionality, but the company is introducing some further deatures over the next few months:

  • Third party application auditing: FlashPanel will allow IT personnel to whitelist or blacklist specific applications installed via the Google Apps Marketplace
  • Regular Expression Searches for Google Drive: IT administrators will be able to search their users’ Google Drive documents for information like credit card and social security numbers to ensure sensitive information is not shared improperly
  • Google Drive Sharing Policies by folder: Admins will have the ability to apply Google Drive sharing policies – how items are shared and with whom – by folders, greatly reducing time spent managing overall Drive security

This broad functionality is being expand to Salesforce immediately with plans for later integration with Zendesk. Interestingly the company lans to offer its service for ERP and HR vendors “in the future”.

Alongside the expansion of service, BetterCloud is announcing a new $6M funding round that it has raised from existing vendors. Earlier in the year the company moved from a free beta to a freemium model – the company isn’t saying how many of the 22000 organizations using the product are actually paying for it.


his makes sense – as Google tries to extend its Apps franchise further into the enterprise, it will be forced to include some of this higher level administrative functionality into the core product. In doing so, third party vendors like BetterCloud will be squeezed. Moving what it does beyond the Google Apps suite and onto other enterprise applications makes total sense – Salesforce is a logical first step for the company. I’d have said Zendesk is less of a natural fit, I would suggest a broad CRM/ERP/Office productivity admin spread would fill out most of the gaps but then again Zendesk has a broad exisitng ecosystem and hence likely has an API that makes it relatively easy for BetterCloud to integrate the product into what they do.

As more and more enterprises adopt SaaS applications, there will be a corresponding increase in the requirements for granular administrative control – while much of that space is being filled by the single sign on (SSO) vendors such as Okta and OneLogin, there is still an opportunity for more of the security and analytics functions – BetterCloud has done a good job of on-boarding customers and this extra funding, alongside extra supported application, will help them to broaden adoption further.

Okta and Sharepoint – Because the Future Organization is Porous

Interesting news recently that Single Sign On (SSO) vendor Okta has integrated with SharePoint in an effort to allow companies to collaborate with external users. The idea being that many organizations have externally-facing portals based on SharePoint and need to give external parties access to those. The integration enables IT administrators to manage customer or partner access to SharePoint with Okta in much the same way they currently use Active Directory to manage employee access to an internal SharePoint-based portal. It’s a hybrid approach towards authentication, and removes the necessity to use two authentication systems (one for internal and one for external use)

The traditional approach to this problem has either been to add external users to the internal employee directory (a wholly sub-optimal approach) or to set up a completely separate directory for outside users (again, pretty much the antithesis of efficiency). With integrations like this, IT admins can manage one set of permissions in one location.


There’s an interesting identity management story in here, but perhaps more interesting is the glimpse this gives into the way enterprises are beginning to work. If we look at organizations of yesterday, they were fairly monolithic, with a rigid boundary between the organization and the outside world. Add to that the fact that user churn was limited and you had a fairly static and easily maintainable situation.

Contrast that to the organization of today. not only are the boundaries between the organization and the outside world far more porous than ever before, but the userbase within an organization is also far more complex – we have project teams coming together in an organic manner, leveraging both internal and external personnel and morphing as projects shift. Given this fact, having to manage the identity of an individual who may be both a partner, and an external contractor and a quasi-employee, all in multiple locations is just plain stupid.

It’s the reason that in recent times we’ve seen companies like Salesforce and Zendesk roll out customer-facing products such as Chatter Communities and the new self-help center respectively – a demand to both reduce the costs of connecting internal and external services but also a reflection on the broader changes occurring in the economy.

SharePoint may be everyone’s whipping boy as the dinosaur product in its class – but if you’re a large enterprise running the product, and you’re offered bolt-on technologies that help modernize it… that’s a pretty compelling proposition overall.

Dropbox Pushes Into the Enterprise – SSO Coming

When I was in San Francisco last week I took the opportunity to swing by the Dropbox office and meet the team responsible for giving Dropbox enterprise credibility. They actually have a pretty interesting job, despite Dropbox being extremely pervasive, both with the consumer space and enterprise, there is a vast difference between pervasiveness and acceptance and Dropbox has a lot of work to do to give enterprise faith that they’re serious about this new business focus. As I said when I was at the office – part of the problem is a lack of functionality that enterprise needs, but part of the problem is also a compelling narrative that gives enterprise IT departments faith that DropBox is taking their concerns seriously. Today’s announcement should help with both of these problems as Dropbox announces the roll out of Single Sign On, backed with a host of partners.

Dropbox is partnering with Ping Identity, Okta, OneLogin, Centrify, and Symplified to roll out SSO to their customers next month. The SSO roll out has been built on top of SAML so it’s supporting the latest approaches towards SSO. The Dropbox SSO offering rests on the back of the new administration console that the company rolled out a couple of months ago. As I noted at the time, the new console is designed as a central location to gain visibility and control over their organizational use of Dropbox. As I said about that release, and reiterate about this release:

This is a big deal – at last Dropbox is putting some of the monstrous quantities of cash it has raised to good use and is really thinking hard about what it means to be an enterprise company. With that refocus however comes difficulties, and the obvious disconnect between bottom up and top down approaches to IT. Dropbox has always been about bottom up end users adoption, they now have to start thinking a top down story.

ALongside the announcement of SSO and the partners, Dropbox is renaming its Teams product as Dropbox for business. It’s better than teams, but it still feels, to me at least, like a baby step on the progression path to a full enterprise product offering.

As I said before, there are several sides to this story. The first side is about building out the sort of security and control features that enterprises demand. The roll out of the new admin panel and today’s SSO story shows that Dropbox has a commitment to building out the technology piece. The second part is building a vibrant ecosystem of enterprise players who will support the product, whether it’s because Dropbox’s massive customer base is just to appealing to miss, or whether they truly believe in Dropbox’s enterprise abolitions, Dropbox has amassed a who’s who of the cloud SSO space to come on board for this announcement That will give enterprises a High degree of comfort. The third and final part of the story is articulating an ongoing vision and commitment to the enterprise. When I visited the Dropbox offices I was impressed by the language I hear but I will say that it’s just too early to know how this is going. While I sense a commitment today, and the company is obviously committing resources and mindshare to the business product, there’s nothing to say that they’ll not pivot away from that should the rewards prove to not be forthcoming.

I’m actually hopeful that these latest announcements, the willingness to engage with enterprise pundits, and the commitment within the organization to enterprise signals a turning point for Dropbox. They’ve got a long way to go till people know longer use “Dropbox in the enterprise” as a metaphor for rogue IT. It’s a gradual process, and Dropbox needs to make sure they do the right thing at every turn. The financial rewards of getting the enterprise thing right are totally worth it.

OneLogin Launches Cross-Application Search

The announcement by Salesforce a few weeks ago that it was moving into the enterprise Single Sign on (SSO) space was both an excellent validation that sso across cloud and on-premise applications is needed, but also a rude awakening to the existing independent SSO vendors like OneLogin and Okta. While these vendors put a brave face on the news, clearly they were scrambling to find ways to differentiate what they do from a standard SSO application.

Today we’re seeing the rollout of one of those differentiators with OneLogin launching Cloud Search, a real time search function that works across multiple public cloud applications as well as on-premise web applications. Cloud Search currently supports Box, Google Apps, Salesforce, Yammer and Zendesk.

The rationale is simple – traditional enterprise search has involved the ingestion of disparite data from different applications into a central data warehouse within which search could occur. obviously this introduced a time lag, as well as a disconnect between search results and the actual applications themselves. The concept with Cloud Search is to tie together the search function, with the authentication and permissioning of the central SSO. In addition, the fact that it is built as part of the SSO solution means that search result can link directly to content within individual applications, and users can browse to that content directly with no additional sign on required.

Security is a concern when it comes to enterprise search – as search is sometimes a vector for unauthorized individuals to get access to content. By tying search to SSO and hence to the enteprrise’s existing security model – this risk is removed.

While search is perhaps not the sexiest functional area, tying it to SSO is a good way to justify the existence of independent SSO vendors – it also helps that it makes enterprise users’ lives easier to boot. Cloud Search is included free in all OneLogin plans at no additional charge.