Okta expands device assurance with Google Chrome integration

When employees have the opportunity to work remotely or in a hybrid arrangement, they take it. As a result, endpoints such as laptops, phones, and other devices, can be located from anywhere in the world as potential points of enterprise vulnerability. Oftentimes, device security standards are not up to date. And as organizations increasingly shift from a focus on digital transformation to building a sustainable modern, digital business, it's critical that they have a strong security posture and an agile workforce that can easily and securely access their resources.

Last year, Okta introduced device assurance policies that allow customers to check sets of security-related device attributes as part of authentication policies before that device can be used to access Okta-protected resources. This helps organizations establish minimum requirements for the devices that are used to access critical systems and applications, denying access if those requirements are not met. When included as part of an authentication policy, the device assurance checks can be applied to specific users, groups, or devices.

Today, Okta extends device assurance to integrate and support signals from Google Chrome. This means that customers can now create authentication policies that leverage device signals from either a managed Chrome browser or a managed ChromeOS device to gate access to a protected app.

For organizations that use Chromebooks, this means that they will be able to leverage device signals from ChromeOS as part of authentication policies. For organizations that are not yet ready to deploy Okta Verify and FastPass on platforms where they are currently supported, there will be another means to bring in device attributes from the Chrome browser to secure managed or unmanaged Windows and macOS devices. This new Chrome integration does not currently support mobile phones, although customers can still take advantage of device assurance for iOS and Android devices through Okta Verify.

By extending device assurance policies to Chrome, Okta is meeting customers where they are to secure authentication flows on platforms where Okta Verify isn’t available yet. Okta continues to serve and secure a heterogeneous mix of devices as a neutral vendor that supports best-of-breed technology. This new integration enables organizations to provide their workforce with the tools they need to remain productive without sacrificing security.

This feature is Generally Available (GA) starting September 19, 2023. It is available only with the Okta Identity Engine. To learn more, check out the blog post by Chrome Enterprise. You can also read more about this integration in the Okta product documentation, where you can learn to set up the integration and create a device assurance policy.