Going Beyond MFA: How Okta is Redefining Enterprise Identity
New solutions leverage AI and automation to strengthen the enterprise security posture while empowering employee productivity.
Join the DZone community and get the full member experience.
Join For FreeAt Oktane23, Okta revealed new solutions to automate identity governance, implement privileged access management, and enable continuous authentication and threat protection.
Introduction
Identity has historically been regarded as the gateway to grant or deny access to an enterprise's digital resources and applications. But in today's increasingly complex technology landscape rife with sophisticated cyber threats, identity must transform into so much more. At Okta's annual Oktane user conference, the identity management leader announced innovative new solutions that will redefine the role of identity in securing the modern enterprise while removing productivity roadblocks for users.
Eliminating Identity Fragmentation
As Arnab Bose, Okta's Chief Product Officer for Workforce Identity Cloud, stated in his keynote, "Identity is no longer just a feeling. Identity has to go beyond just granting access." He explained that identity solutions need to be unified because identity is already integrated across an organization's entire technology stack.
Okta achieves this consolidation through a platform that eliminates the fragmentation between identity governance, privileged access management, and access management. Tal Herman, Okta's VP of Product Management, demonstrated how Okta's new entitlement management capabilities discover and manage permissions across all applications, including on-premise and custom. This enables centralized, least-privilege access policies.
Herman also introduced Governance Analyzer, a new AI-powered tool that transforms identity data into actionable insights for more intelligent governance decisions. For example, it can predict access risks before they occur. Herman explained that by expanding Okta's wealth of identity data and putting it to use, Governance Analyzer will be a game-changer for customers' security and compliance posture.
Furthermore, Okta announced the availability of Okta Privileged Access, which enables just-in-time, self-service access to critical infrastructure and apps for admins and engineers. Okta Privileged Access also allows teams to implement zero-standing privileges by discovering and remediating unnecessary persistent permissions. The solution manages and secures access to both cloud and on-premise resources through one unified interface.
Adopting Identity-Powered Security
With the rise of sophisticated phishing attacks, multifactor authentication alone is no longer sufficient. As Kelsey Nelson, Senior Director of Product Marketing for Okta, explained, "Identity is the only technology universally integrated across your entire technology stack."
Okta is leveraging this unique positioning to enable what it calls "identity-powered security" through new solutions that provide continuous authentication and threat protection.
Okta announced Context Re-evaluation for Okta FastPass, which silently rechecks device security posture each time the user opens a new application. This provides added assurance that the device state hasn't changed in the interim. For example, if the local firewall is disabled or endpoint security posture declines, the user may be prompted to reauthenticate.
Okta also revealed a new offering called Identity Threat Protection that leverages machine learning to detect anomalous activity that may indicate a compromised account. It integrates signals from security tools to analyze risk throughout a user's session, not just at login. Identity Threat Protection can then take automated actions like terminating sessions across all of a user's devices to contain the threat.
Nelson explained that by connecting Identity Threat Protection with other components of Okta's platform, such as Workflows and Governance, customers gain a powerful toolkit for identity-centric detection and response. If a user is deemed high risk, their app permissions could be automatically reduced. Slack notifications can alert SecOps to investigate.
Securely Managing External Identities
Bose also discussed how identity solutions need to move beyond full-time employees to secure external users like contractors, vendors, and partners who frequently access an enterprise's applications and data.
Okta Secure Partner Access provides a comprehensive solution to manage the entire lifecycle of these external identities. It enables automated onboarding, role-based access, and revocation of permissions for third-party users. Okta Secure Partner Access also extends Okta's phishing-resistant multifactor authentication to these external identities. This ensures consistent security for both internal and external users across an organization's ecosystem.
Removing Friction, Enabling Productivity
A core theme across Okta's announcements is balancing security with user experience through automation. For example, new offerings like policy recommender with Okta AI will simplify configuration while ensuring security best practices are applied.
Meanwhile, innovations like log investigator with Okta AI will speed up troubleshooting and threat hunting by enabling admins to have conversational interactions with logs. Reducing friction for admins ultimately translates to a smoother experience for end users.
Fortune Barnard, Executive Director of Digital Security and Resilience, Virgin Media O2, revealed that with Okta, Virgin Media 02 was able to accelerate new employee onboarding from weeks to just hours. He explained that by removing identity silos, Okta empowered the business to move faster. Okta understands that security cannot come at the cost of user experience.
The Future of Identity
Okta's latest announcements deliver on the company's vision for identity to serve as the connective tissue binding together an organization's entire technology ecosystem. By harnessing automation and AI, Okta is enabling enterprises to implement dynamic access policies, detect threats, and take action across their hybrid IT environment while removing friction for users.
For development teams and business leaders alike, identity is quickly moving beyond tactical security control and into a strategic business enabler. As Barnard summarized, Okta has become central to Virgin Media O2's digital transformation by "unleashing the business" and positioning it to compete in the digital era.
Conclusion
At Oktane23, Okta cemented its leadership in innovating how enterprises leverage identity. With sophisticated new solutions to automate identity governance, implement privileged access management, and enable continuous authentication and threat protection, Okta is redefining the role of identity in the enterprise.
For users, this means empowering productivity with easy, secure access. And for businesses, it translates to strengthened security and risk management while accelerating digital transformation. Identity is becoming the crucial connective tissue in the technology stack that binds everything together.
Opinions expressed by DZone contributors are their own.
Comments