Looking for Okta Logos?

You can find all the media assets you need as part of our press room.

Download Media Assets

Device Aware Access: Okta Identity & Best of Breed Device Management

Eric Berg
Eric Berg
Former Chief Product Officer

Okta enables users to securely access the applications they need, wherever and whenever they need them. Cloud app and mobile device adoption in the enterprise have created a world where people can work from anywhere, and enjoy incredible experiences that make them more productive. Employees are no longer sitting behind a proxy or firewall when they need this access. Organizations need a more modern approach to access control to ensure the security of their sensitive and proprietary information. They need a next-generation access management architecture centered on people and designed for the principle of a zero-trust network.

That architecture has to be aware of the device that the person is using. I often get asked about how or whether our Identity Management service supports these device aware access scenarios and how we integrate with Enterprise Mobility Management products in that context. This post elaborates a bit more on our answer to these questions.

Device Trust: A critical input for Contextual Access Management

As the traditional network-based perimeter erodes, device context is a critical input to ensuring that the right person has access to the right information, at the right time. Understanding the security profile of a device – i.e. that it’s encrypted, not jailbroken or rooted – adds a layer of trust that’s a fundamental input to a secure access decision.

As people within an organization access applications from a wide range of devices, operating systems and browsers, we need a device trust framework that provides broad application coverage, best of breed interoperability, a great user experience, and a simple user experience.

Over the past year Okta has released a series of device trust capabilities including:

  • Use of Exchange ActiveSync certificates to prevent unmanaged devices from accessing Office 365; and
  • Device trust for Windows to ensure that only users on managed, domain-joined Windows computers can seamlessly SSO into Okta protected apps, securing corporate data even when there is no defined network boundary.

Moving forward in 2018, we’ll be expanding the breadth and depth of our support for device trust. We will tap into these device trust signals through vendor specific integrations as well as some integration methods that are agnostic to any vendor. The result will give our customers a broad range of options to meet their requirements.

A Perfect Combination: Best of Breed Identity & Mobility Management

A big part of our device trust strategy is ensuring Okta integrates well with Enterprise Mobility management products. Together, our products provide a more powerful, secure solution to support the needs of our joint customers. These integrations allow us to optimize for end user experience and productivity, while also giving our joint admins a simple setup process. This best-of-breed approach gives our customers the broadest set of access controls over the devices and platforms they care about. It also enables enterprises to leverage their existing investments in Okta’s Identity Management and their Enterprise Mobility Management vendor of choice.

Here is how our partners at MobileIron and Jamf are describing our collaboration:

“Organizations are working to address security vulnerabilities, ward off cyber threats and protect intellectual property. Jamf and Okta are tightly integrating our services to provide a people-friendly, secure experience that ensures the right people have access to the right data at the right time on any Apple device.” - Joe Bloom, Product Manager, Jamf

“Cloud services are a mandate for many organizations but companies are losing data every day to unauthorized devices and apps. Okta and MobileIron are partnering closely to provide our joint customers with contextual access policies that secure access to apps, data and devices.” - Ojas Rege, Chief Strategy Officer, MobileIron

Our rollout of these integrations will begin in early 2018, and we’ll share supporting documentation as those are released. Feel free to reach out to your Okta representative if you’d like more information in the interim, or if you are an Okta customer and are interested in participating in our iOS or upcoming Android device trust beta, please sign up here.

Eric Berg
Eric Berg
Former Chief Product Officer

Eric Berg is a seasoned product and marketing leader with over 20 years of experience across engineering, marketing and business development for both early stage SaaS companies and high growth software businesses within larger organizations. 

Prior to Okta, Eric served as the VP of Product Management and Marketing for Apptio, the market leading SaaS provider of IT financial management solutions, the Director of Product Management at Microsoft, and the Director of Product Marketing and Business Development at Ensim. Eric also has experience working at Goldman Sachs and Intel, where he held a variety of engineering management, technical marketing and product management positions.

Eric earned his bachelor’s in electrical engineering at the University of Washington and his MBA at Northwestern University’s Kellogg School of Management. Eric also enjoys running, cycling and spending as much time in the outdoors as possible with his family.

Follow Eric Berg icon LinkedIn