MFA

There’s a popular business adage that we’ve found to be pretty credible: “You are what you measure.” No matter how well you may think you understand your customers or your industry, you won’t know for sure until you dig into the data.  At Okta, we’ve seen our users opt for ever more robust sign-in solutions over the past 14 years. But what’s the…

  International revenue share fraud (IRSF), also known as toll fraud, is a type of fraud where fraudsters artificially generate a high volume of international calls/SMS on expensive routes. Here’s how it works. Fraudsters exploit Okta’s authentication flow and make expensive phone calls and/or texts as part of the MFA flow where phone/text is used…

How does a 172-year-old company evolve to meet the needs of today’s customers and employees? That was one of the hot topics at the Gartner Identity and Access Management (IAM) Summit, where Okta’s Senior Principal for Industries, Tom Malta, hosted a fireside chat with MassMutual Financial Group’s Chris Rich to discuss how companies like MassMutual…

Human actors still drive the vast majority of security breaches. In 2022, 82% of breaches involved the human element, whether it was the use of stolen credentials, phishing, misuse, or simply an error, according to Verizon's Data Breach Investigations. Yet, humans alone cannot protect against these threats. Security automation is critical to…

Situation: Scaling security practices to meet the needs of a global workforce  Kyocera AVX, a global manufacturing company, faced several challenges in scaling their security practices to protect their complex technical environment and global workforce. Initially, they used manual processes for some IT and security tasks. This included manually…

This blog post is the second in a series focusing on credential phishing. Previously, in the blog The Need for Phishing-Resistant Multi-Factor Authentication, Mukul Hinge explained how threat actors are becoming more sophisticated, using various tools to overcome mitigations. Today’s post digs into the inner workings of Okta FastPass, explaining…

Okta's integration with Amazon Web Services (AWS) allows end users to authenticate to one or more AWS accounts and gain access to specific roles using single sign-on with SAML.  Here’s how you can further secure this integration with multi-factor authentication (MFA) access using Attribute Based Access Control (ABAC) and dynamic session tags. By…

Part one of a multi-part series “Identity is the perimeter of security.” I was introduced to this phrase in 2012 after my manager returned from a conference. He scrawled that phrase at the top of the whiteboard in his office, and there it stayed until I eventually moved on from that organization in late 2013. Though I had already spent seven years…

Passwords are a fixture of our modern digital world that cause no end of frustration and angst. I am sure this scenario is a familiar one: ‘Incorrect password, please try again’<forgot password>‘Please enter a new password’<input incorrect password (because, hey, it wasn’t the right one anyway)>‘The password you have entered has…

With the expanding scope of cyberattacks on financial institutions and a substantial increase in fraud, government and industry oversight bodies are stepping up with new regulations and requirements to protect consumers. One of the most recent examples are the updates to the Gramm-Leach Bliley Act (GLBA).  After 20 years of regulating information…