Okta, OpenID Foundation & Tech Firms Tackle Today’s Biggest Cybersecurity Challenge: Identity Security in SaaS Apps
Okta and the OpenID Foundation have announced the formation of a working group to establish a new identity security standard called Interoperability Profile for Secure Identity in the Enterprise (IPSIE). This initiative aims to provide a framework for SaaS companies to enhance end-to-end security across their technology stack. The working group includes Ping Identity, Microsoft, SGNL, and Beyond Identity.
Key aspects of IPSIE include:
- Single Sign-On
- Lifecycle Management
- Entitlements
- Risk Signal Sharing
- Session Termination
Okta has also introduced the Secure Identity Assessment (SIA), an approach to help organizations reduce identity debt and improve their security posture. SIA offers comprehensive identity evaluation, tailored recommendations, and proactive risk reduction strategies.
Okta e l'OpenID Foundation hanno annunciato la formazione di un gruppo di lavoro per stabilire un nuovo standard di sicurezza dell'identità chiamato Profilo di Interoperabilità per l'Identità Sicura nell'Enterprise (IPSIE). Questa iniziativa mira a fornire un framework per le aziende SaaS per migliorare la sicurezza end-to-end attraverso il loro stack tecnologico. Il gruppo di lavoro include Ping Identity, Microsoft, SGNL e Beyond Identity.
Gli aspetti chiave di IPSIE includono:
- Accesso Unico
- Gestione del Ciclo di Vita
- Autorizzazioni
- Condivisione dei Segnali di Rischio
- Terminazione della Sessione
Okta ha anche introdotto il Secure Identity Assessment (SIA), un approccio per aiutare le organizzazioni a ridurre il debito di identità e migliorare la loro postura di sicurezza. SIA offre una valutazione completa dell'identità, raccomandazioni su misura e strategie proattive di riduzione del rischio.
Okta y la OpenID Foundation han anunciado la formación de un grupo de trabajo para establecer un nuevo estándar de seguridad de identidad llamado Perfil de Interoperabilidad para la Identidad Segura en la Empresa (IPSIE). Esta iniciativa tiene como objetivo proporcionar un marco para que las empresas de SaaS mejoren la seguridad de extremo a extremo en su pila tecnológica. El grupo de trabajo incluye a Ping Identity, Microsoft, SGNL y Beyond Identity.
Los aspectos clave de IPSIE incluyen:
- Inicio de Sesión Único
- Gestión del Ciclo de Vida
- Derechos de Acceso
- Compartición de Señales de Riesgo
- Terminación de Sesión
Okta también ha introducido la Evaluación de Identidad Segura (SIA), un enfoque para ayudar a las organizaciones a reducir la deuda de identidad y mejorar su postura de seguridad. SIA ofrece una evaluación completa de identidad, recomendaciones personalizadas y estrategias proactivas para la reducción de riesgos.
Okta와 OpenID Foundation은 기업의 안전한 신원 상호운용성 프로필 (IPSIE)라는 새로운 신원 보안 기준을 설정하기 위해 작업 그룹 결성을 발표했습니다. 이 이니셔티브는 SaaS 회사가 기술 스택 전반에 걸쳐 종단 간 보안을 강화할 수 있는 프레임워크를 제공하는 것을 목표로 하고 있습니다. 작업 그룹에는 Ping Identity, Microsoft, SGNL 및 Beyond Identity가 포함되어 있습니다.
IPSIE의 주요 측면은 다음과 같습니다:
- 단일 로그인
- 생애 주기 관리
- 권한
- 위험 신호 공유
- 세션 종료
Okta는 또한 조직이 신원 부채를 줄이고 보안 태세를 개선하는 데 도움이 되는 안전한 신원 평가 (SIA)를 도입했습니다. SIA는 포괄적인 신원 평가, 맞춤형 권장 사항 및 사전 위험 감소 전략을 제공합니다.
Okta et la Fondation OpenID ont annoncé la formation d'un groupe de travail pour établir une nouvelle norme de sécurité d'identité appelée Profil d'Interopérabilité pour une Identité Sécurisée dans l'Entreprise (IPSIE). Cette initiative vise à fournir un cadre pour les entreprises SaaS afin d'améliorer la sécurité de bout en bout à travers leur pile technologique. Le groupe de travail comprend Ping Identity, Microsoft, SGNL et Beyond Identity.
Les aspects clés d'IPSIE incluent :
- Authentification Unique
- Gestion du Cycle de Vie
- Droits d'Accès
- Partage de Signaux de Risque
- Terminologie de Session
Okta a également introduit l'Évaluation de l'Identité Securisée (SIA), une approche pour aider les organisations à réduire leur dette d'identité et à améliorer leur posture de sécurité. SIA offre une évaluation complète de l'identité, des recommandations personnalisées, et des stratégies proactives de réduction des risques.
Okta und die OpenID Foundation haben die Bildung einer Arbeitsgruppe bekannt gegeben, um einen neuen Sicherheitsstandard für Identitäten namens Interoperabilitätsprofil für sichere Identität im Unternehmen (IPSIE) zu etablieren. Diese Initiative zielt darauf ab, einen Rahmen für SaaS-Unternehmen bereitzustellen, um die End-to-End-Sicherheit über ihren Technologiestack hinweg zu verbessern. Die Arbeitsgruppe umfasst Ping Identity, Microsoft, SGNL und Beyond Identity.
Wesentliche Aspekte von IPSIE sind:
- Single Sign-On
- Lebenszyklusmanagement
- Berechtigungen
- Teilen von Risikosignalen
- Beendigung von Sitzungen
Okta hat auch die Sichere Identitätsbewertung (SIA) eingeführt, einen Ansatz, um Organisationen zu helfen, ihre Identitätsverschuldung zu verringern und ihre Sicherheitslage zu verbessern. SIA bietet eine umfassende Identitätsbewertung, maßgeschneiderte Empfehlungen und proaktive Strategien zur Risikominderung.
- Formation of a new identity security standard (IPSIE) with major tech companies
- Over 50 leading enterprise SaaS apps already support aspects of the future standard
- 100+ new integrations across top ISVs to encourage IPSIE adoption
- Introduction of Secure Identity Assessment (SIA) to help organizations reduce identity debt
- None.
Insights
The formation of the IPSIE working group marks a significant step towards standardizing identity security in SaaS applications. This initiative addresses a critical gap in the current cybersecurity landscape, where many cloud applications lack robust identity security measures. The proposed standard aims to integrate essential security features like SSO, MFA, lifecycle management and risk signal sharing.
Key benefits include:
- Enhanced visibility across the identity threat surface
- Streamlined development of secure-by-default SaaS applications
- Consistency in security measures across various SaaS platforms
Okta's commitment to developing 100+ new integrations with top ISVs and offering IPSIE-compliant features in their Customer Identity Cloud demonstrates strong industry backing. However, the success of this standard will ultimately depend on widespread adoption by SaaS providers and enterprises.
Okta's leadership in this initiative positions them favorably in the identity and access management (IAM) market. The company is leveraging its expertise to address a critical industry need, potentially expanding its influence and market share. The introduction of the Secure Identity Assessment (SIA) service is a strategic move that could drive additional revenue streams.
Key points for investors:
- Potential for increased market penetration through IPSIE standard adoption
- New revenue opportunities from SIA services across different tiers
- Enhanced competitive positioning in the IAM space
While this news is positive for Okta's long-term prospects, it's important to note that the full financial impact may take time to materialize as the standard gains traction and SIA services are rolled out.
![Identity Security Standard: Interoperability Profile for Secure Identity in the Enterprise [IPSIE] (Graphic: Business Wire)](https://mms.businesswire.com/media/20241016143671/en/2272539/4/IPSIE_Identity_Standard_Newsroom.jpg)
Identity Security Standard: Interoperability Profile for Secure Identity in the Enterprise [IPSIE] (Graphic: Business Wire)
Why it Matters:
- Thousands of different applications in the cloud today are built without secure identity.
- Until now, there has never been a framework for SaaS builders to bring together new and existing technologies like SSO, risk signal sharing and session termination.
- We are already working together with leading SaaS providers to embrace this new standard.
- Over 50 leading enterprise SaaS apps including Google, Microsoft Office 365, Slack, and Atlassian have already built features and APIs that support aspects of this future standard.
“Okta is focused on elevating the entire technology industry to be better protected from attacks. Our goal with IPSIE is to standardize identity security and help foster an open ecosystem where building and using enterprise applications that are secure by default is easy for everyone,” said Todd McKinnon, CEO and Co-Founder at Okta. “We are proud to have led the formation of this working group within the OpenID Foundation as we work to standardize identity security and make the world a more secure place.”
What’s New - Identity Security Standard: Interoperability Profile for Secure Identity in the Enterprise [IPSIE]:
Okta is determined to get security right and in order to get security right, you need to get identity right. The future of the industry rests in not just securing identity, but also having a secure identity standard that is open and available to everyone. Okta’s mission has always been to free everyone to safely use any technology and this standard is a step closer to making this a reality.
The formation of the IPSIE working group with OpenID Foundation will enable identity providers, ISVs and public and private sector organizations to integrate identity security across every facet of their ecosystem. In addition to the basics of SSO and MFA, IPSIE will enable organizations to better control governance, entitlements, workflows, authorization, and continuous authentication to detect risk signals effectively and take actions to manage their identity security posture.
To support the integration of critical identity security capabilities into SaaS apps, IPSIE aggregates a set of existing and new standards. These include:
- Single Sign-On: Centralize login, policies, and enforcement
- Lifecycle Management: Secure user on/offboarding and prevent security risks like orphaned accounts and shadow directories to avoid unauthorized access
- Entitlements (Governance/ Privileged Access): Enforce least privilege access and move toward zero standing privileges
- Risk Signal Sharing: Seamless security insights sharing across your entire security ecosystem
- Session Termination: Immediately terminate all user sessions in response to detected threats
By advancing identity security standards and fostering a more open ecosystem, IPSIE empowers organizations to:
- Gain more complete visibility across the identity threat surface: With more insights into their identity security, organizations can better protect themselves against cyber attacks, ensuring the right access is granted at the right time and enabling real-time responses to breaches.
- Build secure-by-default SaaS applications more seamlessly and efficiently: Any app built to the standard will adhere to a higher level of security by ensuring that it can be governed, manage entitlements, support MFA, posture management, and real-time universal logout.
- Drive consistency and flexibility across SaaS: These standards enable consistent security outcomes across SaaS applications. They also allow for simplified compliance and reduced integration challenges that encourage flexibility and choice within an organization’s tech stack.
To further encourage the adoption of IPSIE, Okta is taking integration to the next level with:
- 100+ new integrations across top ISVs: Okta has worked with leading SaaS vendors to build over 125 deep integrations with some of the most widely adopted enterprise applications, including Google, Microsoft Office 365, Slack, and Atlassian. These applications support features which will be included in the standard to better meet the tech ecosystem and customers where they are today, while providing a framework to better protect them in the future.
- Okta Customer Identity Cloud (CIC) will enable every app builder to easily build their applications to be IPSIE-compliant and secure by default: Starting with our new free and self-serve plans all the way to our enterprise plans, developers of any size will be able to use IPSIE-standard features like SSO, MFA, SCIM and Universal Logout.
What’s New - Secure Identity Assessment (SIA):
We know organizations are struggling with identity security debt and how to manage it as they face a multitude of challenges from ensuring compliance, reducing operational complexity, and securing their own infrastructure from breaches.
At Okta, we have a wealth of experience and lessons learned with our internal security debt management program, and bringing critical security debt down to zero. We’re extending this to our customers with the Secure Identity Assessment (SIA), our end-to-end approach to reduce our customers’ identity debt by equipping them with the tools and expertise to identify vulnerabilities like admin sprawl, improve their identity infrastructure, and adopt the strongest possible security posture on an ongoing basis.
SIA combines the best of Okta’s expert advice with identity security controls, training, and certifications to help organizations enhance their overall security posture and lower their identity debt. As part of SIA, Okta provides customers with an Identity Security Checklist to assess vulnerabilities, an Identity Security Maturity Assessment to track security progress, Okta Expert Assist for guided setup and best practices, and Okta Learning with access to instructor-led training and certifications.
The assessment provides:
- Comprehensive Identity evaluation: Identify misconfigurations, orphaned accounts, and security gaps with an expert-driven approach.
- Tailored recommendations: Implement custom remediation plans based on your org’s size, structure, and security needs to address technical debt efficiently.
- Proactive risk reduction: Strengthen your security posture and streamline compliance through actionable insights and periodic assessments.
SIA offers a clear roadmap for reducing identity debt and working towards compliance in a complex regulatory environment. It comes in three flexible service tiers: Premium, where large customers get comprehensive discovery sessions and in-depth analysis; Advanced, offering targeted recommendations and partner-assisted discovery sessions, ideal for mid-sized orgs focused on reducing identity debt; and Essential, where customers can start with self-paced or partner-guided assessments using Okta’s tools—perfect for smaller teams or those seeking a scalable solution.
About Okta
Okta is The World’s Identity Company™. We secure Identity, so everyone is free to safely use any technology. Our customer and workforce solutions empower businesses and developers to use the power of Identity to drive security, efficiencies, and success — all while protecting their users, employees, and partners. Learn why the world’s leading brands trust Okta for authentication, authorization, and more at okta.com.
View source version on businesswire.com: https://www.businesswire.com/news/home/20241016143671/en/
Media Contact:
Kyrk Storer
press@okta.com
Source: Okta, Inc.
FAQ
What is the new identity security standard announced by Okta and OpenID Foundation?
Which companies are part of the IPSIE working group with Okta?
What key aspects does the IPSIE standard cover for identity security?
What is the Secure Identity Assessment (SIA) introduced by Okta?
