Okta is Reducing the Risk of Unmanaged Identities, Social Engineering, and MFA Overload for Enterprise Employees
Okta has announced new Workforce Identity Cloud capabilities to address key security challenges in enterprise identity management. These innovations aim to protect businesses before, during, and after authentication, offering enhanced control, visibility, and user experience. The updates focus on:
1. Secure SaaS Service Accounts: To manage non-federated SaaS accounts with vaulting, credential rotation, and step-up MFA.
2. Governance Analyzer with Okta AI: To provide insights for informed authorization decisions.
3. Out-of-the-box Integrations for Identity Verification: To strengthen user verification against social engineering and deepfake attacks.
4. Extended Device Single Sign-On: To deliver a more secure and seamless SSO experience.
These advancements aim to address the growing threats in enterprise identity, with 80% of breaches involving compromised credentials and a 700% surge in deepfake incidents in the financial sector over the past year.
Okta ha annunciato nuove funzionalità per il Workforce Identity Cloud per affrontare le principali sfide di sicurezza nella gestione dell'identità aziendale. Queste innovazioni mirano a proteggere le aziende prima, durante e dopo l'autenticazione, offrendo un controllo, una visibilità e un'esperienza utente migliorati. Gli aggiornamenti si concentrano su:
1. Account di Servizio SaaS Sicuri: Per gestire account SaaS non federati tramite vaulting, rotazione delle credenziali e MFA a step-up.
2. Governance Analyzer con Okta AI: Per fornire informazioni utili per decisioni di autorizzazione informate.
3. Integrazioni Pronte all'Uso per la Verifica dell'Identità: Per rafforzare la verifica dell'utente contro attacchi di ingegneria sociale e deepfake.
4. Single Sign-On Esteso per Dispositivi: Per offrire un'esperienza SSO più sicura e senza interruzioni.
Questi progressi mirano ad affrontare le minacce crescenti nel campo dell'identità aziendale, con l'80% delle violazioni che coinvolgono credenziali compromesse e un aumento del 700% degli incidenti di deepfake nel settore finanziario nell'ultimo anno.
Okta ha anunciado nuevas capacidades del Workforce Identity Cloud para abordar los principales desafíos de seguridad en la gestión de identidades empresariales. Estas innovaciones tienen como objetivo proteger a las empresas antes, durante y después de la autenticación, ofreciendo un mayor control, visibilidad y experiencia del usuario. Las actualizaciones se centran en:
1. Cuentas de Servicio SaaS Seguras: Para gestionar cuentas SaaS no federadas con vaulting, rotación de credenciales y MFA en escalera.
2. Analizador de Gobernanza con Okta AI: Para proporcionar información para decisiones de autorización informadas.
3. Integraciones Listas para la Verificación de Identidad: Para fortalecer la verificación de usuarios contra ataques de ingeniería social y deepfake.
4. Inicio de Sesión Único Ampliado para Dispositivos: Para proporcionar una experiencia SSO más segura y fluida.
Estos avances pretenden abordar las crecientes amenazas en la identidad empresarial, con el 80% de las brechas involucrando credenciales comprometidas y un aumento del 700% en incidentes de deepfake en el sector financiero durante el último año.
Okta는 기업의 신원 관리에서 주요 보안 과제를 해결하기 위해 새로운 Workforce Identity Cloud 기능을 발표했습니다. 이러한 혁신은 기업을 인증 전, 중, 후에 보호하고, 강화된 제어, 가시성 및 사용자 경험을 제공합니다. 업데이트는 다음에 집중하고 있습니다:
1. 안전한 SaaS 서비스 계정: 자격증명 회전 및 단계적 MFA와 함께 비연합 SaaS 계정을 관리합니다.
2. Okta AI와 함께하는 거버넌스 분석기: 정보에 기반한 권한 부여 결정을 위한 통찰력을 제공합니다.
3. 신원 확인을 위한 즉시 사용 가능한 통합: 사회 공학 및 딥페이크 공격에 대한 사용자 확인을 강화합니다.
4. 확장된 장치 단일 로그인: 더 안전하고 원활한 SSO 경험을 제공합니다.
이러한 발전은 기업 신원의 증가하는 위협에 대응하는 것을 목표로 하며, 80%의 침해가 손상된 자격 증명과 관련이 있고, 지난 한 해 동안 금융 부문에서 딥페이크 사건이 700% 증가했습니다.
Okta a annoncé de nouvelles capacités pour le Workforce Identity Cloud afin de relever les principaux défis de sécurité dans la gestion des identités d'entreprise. Ces innovations visent à protéger les entreprises avant, pendant et après l'authentification, offrant un meilleur contrôle, une visibilité accrue et une expérience utilisateur optimisée. Les mises à jour se concentrent sur :
1. Comptes de service SaaS sécurisés: Pour gérer les comptes SaaS non fédérés avec coffre-fort, rotation des identifiants et MFA par étapes.
2. Analyseur de gouvernance avec Okta AI: Pour fournir des informations pour des décisions d'autorisation éclairées.
3. Intégrations prêtes à l'emploi pour la vérification d'identité: Pour renforcer la vérification des utilisateurs contre les attaques d'ingénierie sociale et les deepfakes.
4. Single Sign-On étendu pour les appareils: Pour offrir une expérience SSO plus sécurisée et fluide.
Ces avancées visent à faire face aux menaces croissantes dans le domaine de l'identité d'entreprise, avec 80 % des violations impliquant des identifiants compromis et une augmentation de 700 % des incidents de deepfake dans le secteur financier au cours de l'année écoulée.
Okta hat neue Funktionen für den Workforce Identity Cloud angekündigt, um die wichtigsten Sicherheitsherausforderungen im Bereich des Identitätsmanagements in Unternehmen zu bewältigen. Diese Innovationen zielen darauf ab, Unternehmen vor, während und nach der Authentifizierung zu schützen und bieten verbesserte Kontrolle, Sichtbarkeit und Benutzererfahrung. Die Aktualisierungen konzentrieren sich auf:
1. Sichere SaaS-Service-Konten: Zur Verwaltung nicht-föderierter SaaS-Konten mit Vaulting, Berechtigungsrotation und step-up MFA.
2. Governance-Analyzer mit Okta AI: Um Einblicke für informierte Autorisierungsentscheidungen bereitzustellen.
3. Fertige Integrationen zur Identitätsverifizierung: Um die Benutzerverifizierung gegen Social Engineering und Deepfake-Angriffe zu stärken.
4. Erweiterte Geräte-SSO: Um eine sicherere und nahtlose SSO-Erfahrung zu bieten.
Diese Fortschritte zielen darauf ab, die wachsenden Bedrohungen im Unternehmensbereich der Identität zu bekämpfen, wobei 80% der Sicherheitsverletzungen Kompromittierungen von Anmeldeinformationen betreffen und es im letzten Jahr einen Anstieg von 700% bei Deepfake-Vorfällen im Finanzsektor gab.
- Introduction of Secure SaaS Service Accounts to protect non-federated accounts
- Development of Governance Analyzer with Okta AI for improved authorization decisions
- Implementation of Out-of-the-box Integrations for Identity Verification to combat social engineering
- Planned release of Extended Device Single Sign-On for enhanced security and user experience
- Expansion of global compliance with new certifications like HDS, TISAX, and ENS High
- No specific financial metrics or business performance data provided
- Some announced features are not yet generally available, potentially affecting near-term revenue
Insights
Okta's new Workforce Identity Cloud capabilities address critical security challenges in enterprise identity management. Key innovations include:
- Secure SaaS Service Accounts: Protects non-federated SaaS accounts with vaulting and credential rotation, addressing the growing risk of unmanaged privileged accounts.
- Governance Analyzer with Okta AI: Enhances Identity Governance by providing data-driven insights for authorization decisions, potentially reducing access-related risks.
- Identity Verification Integrations: Adds third-party identity verification to combat social engineering and deepfake attacks, a growing concern with
700% surge in deepfake incidents in financial services. - Extended Device Single Sign-On: Improves security and user experience by binding user identity to devices, reducing authentication prompts while maintaining high security.
These features address the alarming statistic that
Secure SaaS Service Accounts (Graphic: Business Wire)
Why it Matters:
-
Identity in the enterprise is under attack, with
80% of breaches involving some kind of compromised credentials1 and 1.9 billion session cookies stolen from employees at Fortune 1000 companies2 last year alone. - Enterprises use an average of over 1,000 SaaS applications3 today and privileged accounts for applications are a rapidly growing and under-managed risk for organizations.
-
Social engineering and deepfake attacks are becoming more sophisticated and widespread, with deepfake incidents in the financial services sector surging
700% over the past year4. -
In response to rising identity attacks, over
65% of companies have implemented MFA across their organization. While MFA adoption continues to trend upwards, only about9% of companies have implemented phishing-resistant MFA such as Okta Fast Pass, which is 3x faster to use5.
“Identity acts as the first line of defense for critical apps and the connective tissue between security signals, no matter the speed at which an organization moves or the complexity of their technology stack,” said Arnab Bose, Chief Product Officer, Workforce Identity Cloud at Okta. “By continuously investing in the Okta Workforce Identity Cloud, we’re able to build a more reliable, scalable, and trusted platform that is empowering our customers to adopt a more unified approach to security.”
Better Manage Identities Before the Point of Log In
To effectively safeguard against identity-based attacks, it’s become essential for organizations to stay proactive by discovering identity posture risks, remediating them, and implementing the principle of least privilege based on their needs.
What’s New – Secure SaaS Service Accounts
Secure SaaS Service Accounts within Okta Privileged Access is a set of upcoming capabilities to protect non-federated SaaS accounts with vaulting, credential rotation, step-up MFA before secret reveal, and audit trail. With shared accounts easily falling out of the boundaries of traditional identity controls like federation and MFA, this feature provides organizations with centralized control to reduce risk and eliminate standing access.
What’s New – Governance Analyzer with Okta AI
Governance Analyzer, an upcoming feature of Okta Identity Governance, will empower managers and approvers by providing the insights they need, such as usage data and previous governance decisions, to make informed authorization decisions quickly and confidently. By utilizing real-time risk assessments and actionable recommendations, it can surface relevant information directly within Okta Identity Governance, enabling decision makers to make critical access decisions seamlessly within their existing workflows. As usage grows, Governance Analyzer will continue to learn and adapt, improving its ability to provide actionable insights and lower risk across the organization.
Protect Against Social Engineering Attacks with Stronger User Verification
Security incidents that involve employee onboarding and account/device recovery are typically a result of bad actors exploiting weak identity verification processes—like temporary passwords or help desk admins who can be socially engineered—that allow them to impersonate legitimate users. As increasing threats pose new security challenges, stronger user verification is needed.
What’s New – Out-of-the-box Integrations for Identity Verification in Early Access
Out-of-the-box Integrations for Identity Verification adds another layer for validating an employee or partner is who they say they are by leveraging third-party providers, including Persona, and coming soon Incode, Onfido, Clear, and others, without custom configuration. By enforcing identity verification at any stage of the employee lifecycle, organizations can more effectively mitigate the risk of social engineering and deepfake attacks. The solution leverages multiple techniques, such as verification with government ID databases and liveness checks to verify the identity of the individual with confidence.
Strengthen Security While Streamlining Sign-On Experiences
Organizations want their employees to have a simple yet secure experience when working on corporate devices. This means reducing the number of authentication prompts to minimize friction while maintaining the highest security standards.
What’s New and Expected in Q1 2025 – Extended Device Single Sign-On
Extended Device Single Sign-On, part of Okta Device Access, will deliver a more secure and seamless SSO experience by initiating a hardware-protected session at device login. This cryptographically binds the user's identity to their device, significantly reducing the risk of user context-based exploits and phishing attacks. With fewer authentication prompts, users can securely access downstream apps and get to work faster, without compromising on security standards.
Other New Advances:
- Advanced Posture Checks is an upcoming device compliance solution that is expected to be available in early access in Q1 2025 that enables real-time device posture assessment, policy controls, and remediation for managed and unmanaged Windows and macOS.
- Enhanced Disaster Recovery with self-service failover will allow customers to initiate and test failover on demand to strengthen overall business continuity.
-
Global Compliance with new certifications like HDS in
France for healthcare data security, TISAX for Europe’s automotive industry, and ENS High for Spain’s public sector.
1 2024 Verizon Data Breach Investigations Report, Verizon, 2024
2 2023 Fortune 1000 Identity Exposure Report, SpyCloud, 2023
3 Salesforce State of IT, 3rd Edition, Salesforce, 2024
4 “Deepfakes Are Coming for the Financial Sector," Wall Street Journal, 2023
5 Okta Platform Data 2024, Okta, 2024
Disclaimer: Any products, features, functionalities, certifications, authorizations, or attestations referenced in this material that are not currently generally available or have not yet been obtained or are not currently maintained may not be delivered or obtained on time or at all. Product roadmaps do not represent a commitment, obligation or promise to deliver any product, feature, functionality, certification or attestation and you should not rely on them to make your purchase decisions.
About Okta
Okta is The World’s Identity Company™. We secure Identity, so everyone is free to safely use any technology. Our customer and workforce solutions empower businesses and developers to use the power of Identity to drive security, efficiencies, and success — all while protecting their users, employees, and partners. Learn why the world’s leading brands trust Okta for authentication, authorization, and more at okta.com.
View source version on businesswire.com: https://www.businesswire.com/news/home/20241016429068/en/
Media Contact:
Kyrk Storer
press@okta.com
Source: Okta
FAQ
What new features has Okta (OKTA) announced for its Workforce Identity Cloud?
When will Okta's (OKTA) Extended Device Single Sign-On feature be available?
How does Okta (OKTA) plan to address the rise in deepfake attacks?
What percentage of breaches involve compromised credentials according to Okta's (OKTA) announcement?
