Okta today announced new Workforce Identity Cloud capabilities
to address top security challenges such as unmanaged SaaS service
accounts, governance risks, and identity verification. As part of a
unified approach, these innovations help protect business before,
during and after authentication, providing greater control,
visibility, and streamlined user experience.
This press release features multimedia. View
the full release here:
https://www.businesswire.com/news/home/20241016429068/en/
Secure SaaS Service Accounts (Graphic:
Business Wire)
Why it Matters:
- Identity in the enterprise is under attack, with 80% of
breaches involving some kind of compromised credentials1 and 1.9
billion session cookies stolen from employees at Fortune 1000
companies2 last year alone.
- Enterprises use an average of over 1,000 SaaS applications3
today and privileged accounts for applications are a rapidly
growing and under-managed risk for organizations.
- Social engineering and deepfake attacks are becoming more
sophisticated and widespread, with deepfake incidents in the
financial services sector surging 700% over the past year4.
- In response to rising identity attacks, over 65% of companies
have implemented MFA across their organization. While MFA adoption
continues to trend upwards, only about 9% of companies have
implemented phishing-resistant MFA such as Okta Fast Pass, which is
3x faster to use5.
“Identity acts as the first line of defense for critical apps
and the connective tissue between security signals, no matter the
speed at which an organization moves or the complexity of their
technology stack,” said Arnab Bose, Chief Product Officer,
Workforce Identity Cloud at Okta. “By continuously investing in the
Okta Workforce Identity Cloud, we’re able to build a more reliable,
scalable, and trusted platform that is empowering our customers to
adopt a more unified approach to security.”
Better Manage Identities Before the Point of Log In
To effectively safeguard against identity-based attacks, it’s
become essential for organizations to stay proactive by discovering
identity posture risks, remediating them, and implementing the
principle of least privilege based on their needs.
What’s New – Secure SaaS Service Accounts
Secure SaaS Service Accounts within Okta Privileged Access is a
set of upcoming capabilities to protect non-federated SaaS accounts
with vaulting, credential rotation, step-up MFA before secret
reveal, and audit trail. With shared accounts easily falling out of
the boundaries of traditional identity controls like federation and
MFA, this feature provides organizations with centralized control
to reduce risk and eliminate standing access.
What’s New – Governance Analyzer with Okta AI
Governance Analyzer, an upcoming feature of Okta Identity
Governance, will empower managers and approvers by providing the
insights they need, such as usage data and previous governance
decisions, to make informed authorization decisions quickly and
confidently. By utilizing real-time risk assessments and actionable
recommendations, it can surface relevant information directly
within Okta Identity Governance, enabling decision makers to make
critical access decisions seamlessly within their existing
workflows. As usage grows, Governance Analyzer will continue to
learn and adapt, improving its ability to provide actionable
insights and lower risk across the organization.
Protect Against Social Engineering Attacks with Stronger User
Verification
Security incidents that involve employee onboarding and
account/device recovery are typically a result of bad actors
exploiting weak identity verification processes—like temporary
passwords or help desk admins who can be socially engineered—that
allow them to impersonate legitimate users. As increasing threats
pose new security challenges, stronger user verification is
needed.
What’s New – Out-of-the-box Integrations for Identity
Verification in Early Access
Out-of-the-box Integrations for Identity Verification adds
another layer for validating an employee or partner is who they say
they are by leveraging third-party providers, including Persona,
and coming soon Incode, Onfido, Clear, and others, without custom
configuration. By enforcing identity verification at any stage of
the employee lifecycle, organizations can more effectively mitigate
the risk of social engineering and deepfake attacks. The solution
leverages multiple techniques, such as verification with government
ID databases and liveness checks to verify the identity of the
individual with confidence.
Strengthen Security While Streamlining Sign-On
Experiences
Organizations want their employees to have a simple yet secure
experience when working on corporate devices. This means reducing
the number of authentication prompts to minimize friction while
maintaining the highest security standards.
What’s New and Expected in Q1 2025 – Extended Device Single
Sign-On
Extended Device Single Sign-On, part of Okta Device Access, will
deliver a more secure and seamless SSO experience by initiating a
hardware-protected session at device login. This cryptographically
binds the user's identity to their device, significantly reducing
the risk of user context-based exploits and phishing attacks. With
fewer authentication prompts, users can securely access downstream
apps and get to work faster, without compromising on security
standards.
Other New Advances:
- Advanced Posture Checks is an upcoming device compliance
solution that is expected to be available in early access in Q1
2025 that enables real-time device posture assessment, policy
controls, and remediation for managed and unmanaged Windows and
macOS.
- Enhanced Disaster Recovery with self-service failover
will allow customers to initiate and test failover on demand to
strengthen overall business continuity.
- Global Compliance with new certifications like HDS in
France for healthcare data security, TISAX for Europe’s automotive
industry, and ENS High for Spain’s public sector.
1 2024 Verizon Data Breach Investigations Report, Verizon, 2024
2 2023 Fortune 1000 Identity Exposure Report, SpyCloud, 2023 3
Salesforce State of IT, 3rd Edition, Salesforce, 2024 4 “Deepfakes
Are Coming for the Financial Sector," Wall Street Journal, 2023 5
Okta Platform Data 2024, Okta, 2024
Disclaimer: Any products, features, functionalities,
certifications, authorizations, or attestations referenced in this
material that are not currently generally available or have not yet
been obtained or are not currently maintained may not be delivered
or obtained on time or at all. Product roadmaps do not represent a
commitment, obligation or promise to deliver any product, feature,
functionality, certification or attestation and you should not rely
on them to make your purchase decisions.
About Okta
Okta is The World’s Identity Company™. We secure Identity, so
everyone is free to safely use any technology. Our customer and
workforce solutions empower businesses and developers to use the
power of Identity to drive security, efficiencies, and success —
all while protecting their users, employees, and partners. Learn
why the world’s leading brands trust Okta for authentication,
authorization, and more at okta.com.
View source
version on businesswire.com: https://www.businesswire.com/news/home/20241016429068/en/
Media Contact: Kyrk Storer press@okta.com
Okta (NASDAQ:OKTA)
Gráfico Histórico do Ativo
De Nov 2024 até Dez 2024
Okta (NASDAQ:OKTA)
Gráfico Histórico do Ativo
De Dez 2023 até Dez 2024