SAN FRANCISCO — August 29, 2017 — Okta, Inc. (NASDAQ:OKTA), the leading independent provider of identity for the enterprise, today delivered new functionality for its cloud-based Okta Adaptive Multi-Factor Authentication (AMFA), securing all resources in the enterprise. The company also announced that basic two-factor authentication now comes standard for every Okta user, setting a new baseline for strong identity protection, and released new adaptive security features to protect customers from the impacts of credential theft and account takeover attacks.
“In today’s cloud and mobile world, we have more data, with more people, and in more locations than ever before – making credential harvesting the most fruitful tactic for today’s threat actors,” Yassir Abousselham, Chief Security Officer at Okta. “Identity is now the security team’s last control point because security can’t manage every single person, device and app; what they can control is who has access to information, and when. That’s why we’ve made significant investments to make the security provided by the Okta Identity Cloud even more effective. Now, with enhancements to our AMFA solution, multi-factor authentication as the new standard of identity-driven security, and the ability to make smarter security decisions based on context, we’re helping to ensure the right person gets access to the right resources, at the right time.”
Security that Starts and Ends with Authentication
Today 81% of data breaches involve stolen or weak credentials, and safeguarding end users has become increasingly difficult due to the increased flexibility of modern mobile and cloud technology. To help IT and security teams manage today’s proliferation of users, applications and devices, Okta focuses on securing the common point in each of these scenarios – the user – which starts and ends with authentication.
By integrating and securing more than 5,000 applications, IT infrastructure and devices in the Okta Identity Cloud, Okta makes creating and maintaining secure credentials easy. Now Okta is adding to its strong cloud-based authentication services to further mitigate the risk of data breaches from compromised credentials for every Okta user. Effective immediately, Okta Single Sign-On includes a simple one-time passcode strong authentication for all users – making two-factor authentication now the standard for everyone that uses Okta. Additionally, because reusing the same password across accounts makes it easier for threat actors to gain access to credentials, Okta is rolling out a compromised password detection feature, which will prevent all Okta users from using commonly used passwords and passwords that were exposed as part of publicly known data breaches.
For instances where more robust security is required, Okta AMFA provides a comprehensive set of authentication factors and a robust policy framework that supports contextual access management and adaptive, risk-based authentication. By using context, Okta AMFA gives the right users access only to the data and application permissions they need, at the right time – easily and securely. Now Okta is applying AMFA to an even broader set of applications, and can now be used for RDP, LDAP, other SSO products, ADFS, custom web apps and RADIUS, resulting in exhaustive coverage of all applications in the Okta Integration Network. Customers can also choose to start with AMFA before beginning their SSO journey, or add AMFA to their existing Okta Identity Cloud service.
“At Levi Strauss & Co., we didn’t just invent the blue jean – we’ve been innovating in apparel for more than 150 years. As we’ve continued to grow, we’ve also looked for ways to use technology to enable simple, consumer-like experiences for our employees, empowering them to do their best work while at the same time allowing us to keep company information secure,” said Colin Anderson, Chief Information Security Officer at Levi Strauss & Co. “Okta makes this balance of security and usability seamless. With identity as a core piece of our IT and security infrastructure, we’re able to make access and authentication simple – and now with Okta’s Adaptive Multi-Factor Authentication, we’ll be able to strengthen that security layer further across all our users, applications and devices.”
Intelligent, Context-Driven Protection
The Okta Identity Cloud closely monitors access behaviors to determine when there is a potential threat actor using compromised credentials to gain access to sensitive company information. With this intelligence, organizations using Okta AMFA can detect anomalies based on the user’s location and client, such as OS and browser user agent – helping them make more intelligent access decisions based on the context of the authentication event. Organizations with AMFA can also now use Okta’s device trust capabilities to determine whether or not an authentication event is coming from a trusted/untrusted device, ensuring only trusted devices can access business critical applications such as Office 365, Workday or Salesforce.
Okta also uses information across the Okta Identity Cloud to understand potential security threats to the Okta cloud platform. Okta’s security operations team closely monitors security threats across the network 24/7 by capturing broad threat intelligence from our cloud-based platform. Now Okta is sharing that intelligence across the network, allowing organizations to both manually blacklist IP addresses when being attacked and create a policy-based blacklisting for geographies using information such as country and proxy status.