Context + Access: How Identity-Driven Security Can Prevent Breaches in Your Business

It seems like every other day we see a new headline with the latest security breach or hack. From our favorite television services to the world’s largest banks, security is something we all have to worry about.

Why are these breaches so prevalent? It’s simple: the walls we put up to protect our data no longer exist. And the security stack we’ve grown to trust to protect us is becoming less effective with time. We have more data with more people and in more locations than ever before – and edge-based solutions (such as the identity-layer) have become one of the only consistent control points in this perimeter-less world. Hackers know it, too: credential harvesting is the most fruitful tactic for today’s threat actors, with 81% of today’s breaches leveraged either stolen and/or weak passwords.

Organizations need to step up their identity-driven security game. And we’re rolling out a number of enhancements both to our security products and across the Okta Identity Cloud to help mitigate potential threats to their most valuable asset – their end user credentials.

That begins with authentication.

To help businesses protect against data breaches, we’re raising the bar on our strong cloud-based authentication services to further mitigate the risk of data breaches from compromised credentials. Effective immediately, Okta Single Sign-On now includes basic two-factor authentication for all users – setting a new standard for strong, identity-driven security. We’re also rolling out a compromised password detection feature, which will enable Okta customers to create policies that prevent users from using commonly used passwords that were exposed as part of publicly-known data breaches.

… And combines with our robust network for stronger security for everyone.

We also know that security for everyone extends beyond authentication and impacts the entire Okta network, which is why we’ve invested heavily in our security team at Okta. Our team uses information across the Okta Identity Cloud to understand potential security threats to the Okta cloud platform. In addition, we’re enabling organizations to manually blacklist IP addresses and ranges when being attacked, or from addresses that they’ve historically deemed to be malicious.

Exhaustive coverage brings MFA to every application and enhanced anomaly detection for AMFA.

For the many organizations that are looking for additional ways to enhance security, we’ve also enhanced our MFA solution by supporting a broader set of applications. Okta MFA can now be used for RDP, LDAP, other SSO products, ADFS, custom web apps and RADIUS, resulting in exhaustive coverage of all applications in the Okta Integration Network.

Adaptive Multi-Factor Authentication (AMFA) has also been enhanced with new anomaly detection capabilities. Now, AMFA can detect anomalies based on the user’s location and client, such as OS and browser user agent – helping them make more intelligent access decisions based on the context of the authentication event. Additionally, organizations with AMFA can now use Okta’s device trust capabilities to determine whether or not an authentication event is coming from a trusted/untrusted device, ensuring only trusted devices can gain access to business critical applications.

Identity-driven security requires us to embrace the realities of today’s computing landscape. We have less control over the devices people use, the networks they communicate on, and the applications they use to conduct business. But through the identity layer – specifically authentication and authorization – we can provide a seamless experience for end users while still providing IT and information security teams the control and visibility they need to safeguard the enterprise.

We’ll continue to drive innovations to ensure security is as simple, manageable and user-friendly as every service in the Okta Identity Cloud – with more to come in the future.