New enhancements to the Workforce Identity Cloud's unified security solution announced at Oktane 2024

Technology is unlocking opportunities and business outcomes like never before, but it’s also introducing complexity and potential risk for organizations. 

When a biomedical engineering team spins up new AI models, they could drive business outcomes like accelerating a clinical trial for a new vaccine. At the same time, IT and security teams have to deal with machine identity sprawl, over-permissioning, and the potential for lateral movement within the network.

Three out of four security breaches stem from an Identity-based attack. 

As Identity becomes central to everything that we do, businesses need to be empowered with visibility and control over potential Identity security threats across their entire tech ecosystem.

A Unified Identity security solution

This week, at Oktane, we announced a slew of exciting innovations for the Workforce Identity Cloud, providing unified Identity security controls that protect employees and critical resources before, during, and after the point of authentication.

Security before authentication

The Workforce Identity Cloud gives customers visibility into critical roles, permissions, and resources, to discover and remediate Identity risks. At Oktane, we announced three capabilities that enhance our customers’ Identity security posture.

Secure SaaS service accounts

Discover and protect service accounts across your organization. Whether they are service, shared, or break-glass accounts, security teams can take control of non-federated accounts across an organization SaaS environment and manage them as part of their broader Identity posture. Coming to Okta Privileged Access, Secure SaaS service accounts will be in Early Access in Q4 2024.

Governance analyzer with Okta AI 

Customers will be able to leverage Okta’s vast datasets – from device posture to relationship data to past governance decisions — to get critical insights and recommendations to get authorization right. Coming to Okta Identity Governance, it’ll be available in early access in Q1 2025. 

Automated remediation in Identity Security Posture Management 

Generally Available in Q4 2024, Identity Secure Posture Management will be able to automatically remediate critical risks. Leveraging the broader Okta platform, it will be able to enforce MFA for critical roles or trigger an access certification campaign in Okta Identity Governance.

Security during authentication

At the moment of authentication, Okta has long led the way helping customers enforce phishing-resistant, least-privilege controls across all users and resources. New capabilities announced at Oktane make authentication even more secure.

Extended device single sign-on

This reimagined single sign-on (SSO) experience will start from the moment your employees log in to their devices. It will improve your security posture by binding the Okta session to a secure hardware-protected key on the device. Users will be signed in to Okta-protected applications when they log in to their devices using their Okta credentials simply and securely., Extended Device SSO is coming to early access in Q1 2025.

Advanced posture checks

Okta administrators can enforce advanced posture checks to assess the security posture of their Windows and MacOS devices before granting or denying access to applications. They can also provide step-by-steps instructions to help users bring their devices back into compliance. It will be available in early access in Q1 2025.

Out-of-the-box integrations for Identity verification

Use out-of-the-box integrations with third-party Identity verification providers to enable seamless Identity verification throughout the employee lifecycle. Our integration with Persona is available in Early Access now! And more integrations with Clear, Incode, Socure, Onfido, and others are coming soon.

Bring your own Identity verification provider

Choose the Identity verification provider that works best for your organization and then integrate it with your Okta implementation. Early Access coming in 2025.

Security post authentication

Beyond the point of authentication, Okta helps customers continuously assess the risk of an active session and reduce the time it takes to detect and respond to Identity threats. It leverages security signals from across the security stack, including network and endpoint security tools, among others. 

We’re going further in this journey by announcing new integrations with leading security solutions, including AppOmni, Crowdstrike, and Workspace ONE. 

Additionally, we are expanding support for Universal Logout with applications from partners, such as Cerby and SURF Security, as well as any app built on the Customer Identity platform. 

Enhancements to the Okta platform

Interoperability Profile for Secure Identity in the Enterprise

This week at Oktane, we announced that we are leading the formation of a working group within the OpenID Foundation to create the first unified Identity security standard for enterprise apps, resources, and workloads: Interoperability Profile for Secure Identity in the Enterprise (IPSIE). This open industry standard will enhance the end-to-end security of enterprise SaaS products and provide a framework for SaaS builders to more easily meet evolving enterprise security needs

Secure identity integrations

This month, Okta is announcing over 125 new Secure Identity Integrations that bring advanced security to some of the biggest SaaS apps, enabling customers to enhance their security and reduce operational burdens by adhering to modern Identity security standards. Apps like Google Workspace, Microsoft 365, Salesforce, Zendesk, and many more are available today!

Workflows in post-audit for FedRAMP High

U.S. public-sector organizations will be able to use Workflows, Okta’s no-code identity automation and orchestration solution, to build and manage complex functions, maintain compliance standards, and improve experience management. Authorization expected in Q4 2024. 

Self-service enhanced disaster recovery

Last year we announced Enhanced Disaster Recovery, providing our customers the ability to initiate failover to a secondary site in under 5 minutes in case of a disruption with their primary site. We are expanding this capability, giving our customers the ability to initiate and test these disaster recovery failovers any time they need to.. Coming to Early Access in Q1 2025.

Protect your organization with Okta’s unified Identity security

To stay safe, organizations need to adopt a comprehensive Identity Security strategy that works in concert with existing security tools and applications. Okta’s unified identity security empowers organizations to take back control of their Identity security posture, implement the principle of least privilege, and detect and respond to Identity threats in real time.

To learn more about any of these products and features, visit our announcement page. We hope to see you again next year at Oktane.