A catalyst. A pivotal moment. A paradigm shift. Whatever you want to call it, 2020 has changed the game for how organizations around the world operate. While COVID-19 forced a sudden transition to remote work on a massive scale, the foundations for this transformation were laid over the last few years, with rapidly accelerating rates of digitization and cloud adoption.
At Okta, we’ve given a lot of thought to this global shift to dynamic work. Flexible schedules and remote work environments make work personal—and possible—for distributed teams. Now, Gartner’s recent report on remote access concludes that the number of employees outside traditional office environments has grown significantly, and it’s projected that 20% to 30% of the workforce will remain remote for the long term. For the world’s largest organizations—whether in government, healthcare, financial services, education, or technology—this represents a huge opportunity to offer employees the freedom and flexibility they have come to expect from forward-thinking workplaces, and to attract top talent from anywhere on the planet.
But in order for large organizations to keep their data secure, while ensuring seamless access for their distributed networks, best-of-breed identity and access management (IAM) solutions are going to be essential like never before. And although Gartner warns that quickly scaling these capabilities can come with challenges, the Okta Identity Cloud is designed to overcome hurdles right out of the gate. Let’s take a closer look at how.
Making the most of MFA
Gartner reports that multi-factor authentication (MFA) is critical to minimizing account takeover (ATO) risks. Organizations everywhere are more susceptible to phishing attacks and stolen passwords in remote access scenarios, and Gartner estimates that through 2021, organizations that expand remote access without MFA will be exposed to five times as many ATO attempts. That’s a risk organizations can’t afford to take.
However, Gartner also notes that there can be major obstacles to rolling out robust MFA options for organizations:
- Many MFA providers offer phone-as-a-token methods or one-time password (OTP) hardware tokens as security layers to be added to legacy passwords, but phones can be compromised, and OTP hardware tokens are costly to procure and distribute.
- Provisioning MFA at scale can pose a unique challenge, particularly for WLOs with thousands of users all needing different levels of access.
Okta Adaptive MFA is uniquely designed to solve these problems. Not only does it provide a wide selection of secondary factors for IT and security teams to choose from, but it’s context-aware. That means the location, device, and network of all access requests are automatically monitored, and additional security features such as Okta ThreatInsight and Risk-Based Authentication help flag suspicious activity. Sign-on policies can also be customized to accommodate the needs of different users and groups.
Strengthening the weakest link
From a security perspective, passwords pose some of the biggest threats to organizations. These credentials are the likeliest to be compromised in a data breach, and because they need to be complex in order to be strong, they also introduce friction into the login process.
But as Garter points out, reducing password complexity is not an option. Doing so diminishes the effectiveness of the entire IAM implementation, even if MFA is in place.
A central solution to multiple complex passwords is Okta Single Sign-On (SSO). By ensuring each employee only needs a single strong password to access the data and applications they need, organizations substantially reduce the risk of weak credentials being guessed by bad actors. Gartner recommends SSO to organizations, provided the solution is aligned to modern identity protocols such as SAML, OIDC, and OAuth; Okta SSO ticks all these boxes and more.
As Gartner observes, one of the classic pain points of MFA is the need for users to provide a second authentication factor whenever they try to sign into a new application. SSO solves this by granting access to all the apps the user needs with a single secure login and reducing user friction. Thanks to the Okta Integration Network (OIN), many of the apps that organizations rely on are likely pre-built into the Okta platform, making it easy to adopt new technologies and scale the scope of their IAM solution.
Incorporating customizable integrations
It goes without saying that many large organizations—especially those in long-established government, healthcare, financial, and educational institutions—have legacy on-premises applications as part of their core IT infrastructure. Gartner notes that beyond making it difficult to scale IAM coverage, this mix of old and new creates a significant hurdle for the future of the remote workforce. While popular apps often come pre-integrated into IAM solutions, the ability to integrate legacy or non-standard apps is less common, requiring proxies or agents that not all providers support.
Okta offers an alternative. Okta Access Gateway (OAG) enables modern IAM solutions such as SSO and Adaptive MFA to seamlessly connect to on-prem applications to deliver powerful security. This empowers organizations to retire the expensive, legacy SSO solutions added to their data centers over time, greatly reducing costs associated with overhead, licensing, and ongoing maintenance.
A complete, scalable solution
For organizations across the world, Gartner lays out three phases that will pave the path to successful dynamic work in the new remote reality:
- Response: Increasing the adoption of IAM and MFA solutions
- Recovery: Consolidating application access into a single IAM tool; retiring vulnerable factors
- Renewal: Assessing and optimizing IAM solutions to drive innovation
According to Gartner, organizations require at minimum an identity repository, SSO, MFA, and session management to provide reliable remote access for their workforces. The companies and institutions that adopt these tools are better equipped for the new era of secure work.
Read more about how Okta’s access management solutions can securely enable remote work for your teams.