Go beyond patch management and enforce device compliance with extensible, real-time posture checks

Employees require secure access to the apps and tools they depend on, anytime and from any device, regardless of location. For this to be possible, organizations need an identity security fabric that provides end-to-end protection to secure identities and seamless orchestration and integration across security tools to respond to threats in real time.

In short, you need a comprehensive approach to identity security, which includes maintaining a strong device security posture. According to Jamf’s 360 Security Annual Trends Report, 39% of organizations had at least one device with known vulnerabilities in 2024. This issue relates to known vulnerabilities with patches available, yet the devices in question lack the updates to remediate those vulnerabilities. Security leaders need a way to enforce device trust across access scenarios.

At Okta, we believe identity should empower IT and security teams to protect the enterprise across all login touchpoints without compromising productivity or agility. That’s why Okta has long prioritized delivering the deepest device integrations with major platforms and investing meaningfully in securing device access.

For the next stage of this journey, Okta introduces Advanced Posture Checks. Available with Adaptive MFA, Advanced Posture Checks empower you to collect and assess device context on any Windows or macOS device attribute or security setting so you can further strengthen Zero Trust security during authentication. This new feature also supports customizable remediation instructions to help end users troubleshoot device posture issues and regain access to their apps without contacting IT.

“Okta's Advanced Posture Checks have made it easier for us to manage device compliance and to reinforce our Zero Trust security strategy,” said Alexander Makarov, staff engineer at Adyen. “These custom checks give us the additional assurance that every device accessing our resources meets our compliance standards, while empowering our employees to be part of the security solution.

Customizable, real-time device posture evaluation

The rapidly evolving nature of cybersecurity threats requires organizations to adapt and address security gaps just as quickly. In particular, organizations must maintain a strong security posture across workforce devices. However, managed devices are prone to MDM configuration drift due to policy enforcement delays and stale views of device compliance states. To add to the complexity, ensuring compliance across an enterprise with multiple departments and their own MDM solutions is next to impossible. Non-compliant devices with access to resources are targets for bad actors, elevating security risk for the entire organization.

With Advanced Posture Checks, you can centrally reinforce MDM policies to drive device compliance before allowing access to downstream resources. It is an extensible device compliance solution that collects device signals so you can customize rules within Okta’s application policy framework.

Advanced Posture Checks build upon Okta’s Device Assurance policies and extend them to include tailored compliance checks that meet your unique security needs for managed devices. You can collect any device attribute from your device fleet in real time when starting a new session, opening a new app, or for continuous risk assessment with Identity Threat Protection with Okta AI. If an end user’s device fails a device check, you can enable the user to self-remediate with custom, detailed guidance on why access was denied and how to swiftly bring their devices into compliance to unblock access without burdening IT admins.

You can now create custom posture checks for macOS with Advanced Posture Checks in Early Access. Support for Windows is coming later in June 2025. To learn more about this feature, please visit the product documentation.

Custom remediation messages can be supported on managed ChromeOS and managed or unmanaged Windows, macOS, iOS, and Android devices.

What’s next: Okta as a security posture aggregator

Okta wants to empower admins to source device context across their technology ecosystem so that access is allowed only on trusted devices that meet all compliance requirements. To that end, Okta has a robust roadmap to deliver on this vision. This includes extending support of Advanced Posture Checks to unmanaged macOS and Windows devices, supporting additional extensibility models to enable further integration across your ecosystem of tools, and providing device insights reports for better visibility and management.

Stay tuned for these milestones, and in the meantime, please visit the Adaptive MFA product webpage to learn more about Okta’s device posture capabilities.