August 28 - 30 | Las Vegas

Okta

Looking for Okta Logos?

You can find all the media assets you need as part of our press room.

Download Media Assets

Contextual Access Management: Innovating Across SSO, Adaptive MFA and Mobility Management

Eric Berg
Chief Product Officer

Seamless and secure access— anywhere, any device, anytime for any user. It sounds simple, right?

Gone are the days when employees had a Windows desktop and authenticated with the corporate network to AD to get access to apps running in your datacenter. If users were outside the company, they were funneled in via the VPN.

It’s a challenge to provide seamless, secure access in today’s multi-vendor world where employees, customers and partners are accessing both on-prem and cloud services globally, 24x7, from any device. Combined with an increasing number of data breaches and cyber attacks — security is becoming infinitely more complex. 

If you are at Oktane this year, you can catch a session with Okta’s Director of Product Management Alex Bovee and Planned Parenthood Federation of America’s CTO, Franklin Rosado: The Evolving Threat Landscape + Okta’s Security Products Roadmap, in which he’ll talk about this very subject. During the session, Rosado will note that security is getting more complicated than ever, but solutions need to be pragmatic. “More than ever, organizations need to think about context,” Rosado says of security. “Who is the user, what device are they using, where are they accessing from, when are they requesting access? This context can give you the data you need and of course you need a system with the intelligence necessary to rapidly process this context and make policy-driven access management decisions—confirm or deny access, or step-up security—in real-time.”

To tackle this problem, we’ve made a coordinated investment across our Single Sign-On (SSO), Adaptive MFA, and Mobility Management products resulting in the industry's most integrated, user-focused and vendor-neutral approach to contextual access management – all delivered as a 100% cloud-native service.

We’re the only vendor able to support contextual access management for devices running operating systems from Apple, Google and Microsoft. We’re not trying to get you to buy more operating systems – we just want you to be able to manage access across devices that run any of them. We support contextual access management across 5,000+ applications in our Okta Application Network. We love email, CRM and HR apps, but we aren’t trying to get you to buy more of ours – we just want you to be able to manage access across any app you need to make your business run. And all of this functionality is exposed via our platform. With our new API Access Management product, contextual access management can also be applied to APIs. So if you need to build a custom web or mobile app experience – and want to provide a contextually aware access management experience – you can do it on Okta.

Want to use only some of our products, and not others? We can do that too. We’ve developed an integrated administrative experience with incredible time to value and low operational costs across our three products – but we also integrate with alternative solutions. You can use Okta Mobility Management to distribute a certificate to establish device trust (like on a Mac) or you can have a third-party issue and deliver the certificate (like Active Directory for a Windows Device). Both will be recognized by the combination of our SSO and Adaptive MFA products when it comes to making an access decision based on device trust.  

Simply denying access to untrusted devices would result in user backlash and a flooded helpdesk. This is why we’ve invested heavily in integrating across our products to deliver a simple and intuitive consumer experience that helps users understand why they’ve been denied access, and what they need to do to get productive.

Spanning all of our products is the most powerful, flexible policy engine on the planet (or in the cloud!). For example, you can set up one geolocation policy for the US and a separate one for Asia. With our competitors? It's just on network or off network.

Using SSO, Adaptive MFA and Mobility Management you can now enforce contextual access management decisions based on conditions such as user identity, device, location, IP reputation and time of day, while still delivering secure digital experiences that people love. And, you can establish fine-grain, flexible policies based on geolocation and different user populations. The specific updates we are announcing today to our products are below—but this is an area where you will continue to see us innovate over the quarters and years to come.

  • Okta Single Sign-On: We’ve added security notifications for end-users to alert them when untrusted devices, anomalous behavior, or logins from high risk IPs are detected. Okta SSO now supports device trust established by Okta Mobility Management or any third-party Certificate Authority. In addition, your IT team can leverage the powerful policy framework to make access decisions with protocol-level context, for example blocking email from the web, while still allowing access from the desktop or mobile app.

  • Okta Adaptive MFA: We’ve expanded the power of the policy framework to incorporate additional risk context on which access management decisions can be made—including trusted devices, IP reputation, and geolocation context. We’ve also added email as second factor, and Okta Verify expands support for multiple third-party tokens, and integrates with Windows Hello.

  • Okta Mobility Management: Okta Mobility Management adds Certificate Authority capability and the ability to distribute certificates to devices to establish device trust. Initial support will include Mac OS X devices, with support for iOS, Android, and Windows 10 later this year.

Eric Berg
Chief Product Officer

Eric Berg is a seasoned product and marketing leader with over 20 years of experience across engineering, marketing and business development for both early stage SaaS companies and high growth software businesses within larger organizations. With Okta since early 2010, he is currently focused on company and product strategy, product management, product marketing, technical marketing and platform evangelism.

Prior to Okta, Eric served as the VP of Product Management and Marketing for Apptio, the market leading SaaS provider of IT financial management solutions, the Director of Product Management at Microsoft, and the Director of Product Marketing and Business Development at Ensim. Eric also has experience working at Goldman Sachs and Intel, where he held a variety of engineering management, technical marketing and product management positions.

Eric earned his bachelor’s in electrical engineering at the University of Washington and his MBA at Northwestern University’s Kellogg School of Management. Eric also enjoys running, cycling and spending as much time in the outdoors as possible with his family.

Follow Eric Berg