Oktane 2024: The future of Identity security

Oktane offers us the opportunity each year to reflect on Okta’s momentum and outline what’s next for the company. This year’s Oktane starts with a story of transformation — going right to the core of Okta’s identity as an Identity company.

When we founded the company in 2009, our focus was on connecting people with technology and powering the rapid scale and global adoption of the cloud. We’ve come a long way since then: Today, we’re powering over 1 billion unique monthly users across 19,300 customers, and we’ve grown into the world’s largest independent and neutral Identity company. During that time, Identity has become the foundation of technology, which means we’re the entry point to our customers’ most important data and infrastructure. We’re no longer powering just the adoption of the cloud — we’re also securing countless interactions in the cloud.

It’s become clear that to get security right, you have to get Identity right. Said even more simply, Identity is security. So while it’s still true that Okta is an identity company, in a world where Identity is security, Okta is a security company. Since our last Oktane, we’ve been working hard to become one of the most secure companies in the world. We’ve formalized that effort through the launch of the Okta Secure Identity Commitment.

We’ve learned a lot in this process — not just about our own identity, but about the technology industry at large. Building and maintaining a robust security posture is much harder than it should be. Why is that? The technology landscape is complex and deeply fragmented. Integrations aren’t the default. Visibility is difficult to achieve. Every piece of technology is built to a bespoke level of security.

Until now, the industry hasn’t had an Identity security standard for enterprise applications that ensures interoperability across all of technology. That’s changing today.

Introducing Interoperability Profile for Secure Identity in the Enterprise (IPSIE)

Okta has led the formation of a working group within the OpenID Foundation with the aim of creating the first unified identity security standard for enterprise applications, resources, and workloads. Interoperability Profile for Secure Identity in the Enterprise, or IPSIE, will standardize the way Identity security is done across the industry and help foster an open ecosystem where building and using enterprise applications that are secure by default is easy for everyone.

Let’s take a look at how IPSIE will work:

 

How IPSIE works

 

IPSIE will aggregate a set of new and existing standards for single sign-on (SSO), lifecycle management, entitlements, risk signal sharing, and session termination. It codifies the connection between Identity and security and provides a framework for any enterprise application to be discoverable and governable and to support SSO, SCIM, and continuous authentication through a variety of use cases.

IPSIE will provide clear benefits across the technology ecosystem. Beyond providing a clear Identity security blueprint to builders of technology, the organizations that standardize on IPSIE-compliant applications will get comprehensive visibility into their Identity threat surface and will be empowered to take real-time actions on threats — including Universal Logout — all requiring far fewer calories than this takes today.

We recognize that standards don’t get adopted overnight. But this is where Okta shines. Since 2009, we’ve been kickstarting the adoption of standards like WS-Fed, SAML, and OpenID Connect. We know how to do the work to both encourage broad adoption and fill the gaps where standards can’t yet operate.

We’re making it easy for builders and users of SaaS applications to adopt IPSIE through a series of new innovations, including 125 new Secure Identity Integrations across some of the biggest enterprise technologies, such as Google, Microsoft Office 365, Slack, and Atlassian. What’s more, we’re continuing to invest resources that support the broader industry shift to open and interoperable Identity security in close partnership with the standards bodies, Identity providers, and independent software vendors.

All of this has been a further acceleration of Okta’s vision to free everyone to safely use any technology. It has also represented an important milestone in Okta’s transformation. Our technology worldview is that Identity security should be simplified and standardized. We’re heading in that direction and we want to ensure this future is open and available to everyone.

We believe that IPSIE will be the most comprehensive approach to Identity security and we’re looking forward to the work ahead to make the world a more secure place.

 

More from Oktane 

IPSIE is just scratching the surface of what we’re unveiling at Oktane — check out all the product announcements we launched this year across our Workforce and Customer Identity Clouds.