MFA

How Okta uses machine learning to automatically detect and mitigate toll fraud

  International revenue share fraud (IRSF), also known as toll fraud, is a type of fraud where fraudsters artificially generate a high volume of international calls/SMS on expensive routes. Here’s how it works. Fraudsters exploit Okta’s authentication flow and make expensive phone calls and/or texts as part of the MFA flow where phone/text is used…

How to drive growth by modernizing Customer Identity

How does a 172-year-old company evolve to meet the needs of today’s customers and employees? That was one of the hot topics at the Gartner Identity and Access Management (IAM) Summit, where Okta’s Senior Principal for Industries, Tom Malta, hosted a fireside chat with MassMutual Financial Group’s Chris Rich to discuss how companies like MassMutual…

Automating Security Operations with Okta Workflows

Human actors still drive the vast majority of security breaches. In 2022, 82% of breaches involved the human element, whether it was the use of stolen credentials, phishing, misuse, or simply an error, according to Verizon's Data Breach Investigations. Yet, humans alone cannot protect against these threats. Security automation is critical to…

A Deep Dive Into Okta FastPass

This blog post is the second in a series focusing on credential phishing. Previously, in the blog The Need for Phishing-Resistant Multi-Factor Authentication, Mukul Hinge explained how threat actors are becoming more sophisticated, using various tools to overcome mitigations. Today’s post digs into the inner workings of Okta FastPass, explaining…

Cyber Security Awareness Month: The Problem with Passwords

Passwords are a fixture of our modern digital world that cause no end of frustration and angst. I am sure this scenario is a familiar one: ‘Incorrect password, please try again’<forgot password>‘Please enter a new password’<input incorrect password (because, hey, it wasn’t the right one anyway)>‘The password you have entered has…

What you Need to Know: An Update on the GLBA Safeguards Rule

With the expanding scope of cyberattacks on financial institutions and a substantial increase in fraud, government and industry oversight bodies are stepping up with new regulations and requirements to protect consumers. One of the most recent examples are the updates to the Gramm-Leach Bliley Act (GLBA).  After 20 years of regulating information…

MFA Fatigue: A Growing Security Concern

The internet has never faced so much existential risk from people who want to harm companies and their users. While many organizations understand that there’s a link between identity and security, few fully grasp how foundational identity is to a modern security strategy. Organizations with gaps in their identity security are significantly more at…

Archive