Okta Delivers Industry’s First Fully Integrated Single Sign-On and Strong Authentication On-Demand Service

Latest Offering Provides Native Multifactor Authentication Capability Deeply Integrated with SSO — All in One Service

San Francisco, CA, October 20, 2011 — Today, Okta, the leading on-demand identity and access management service, announced the availability of the industry’s first fully integrated Multifactor Authentication (MFA) and Single Sign-On (SSO) service, built from the ground up to secure today’s cloud-based applications. With Okta, organizations can now deliver flexible and highly secure access to both cloud and on-premises applications on the same extensible Okta platform.

Okta’s newest offering comes at a time when securing access to cloud applications is critical, yet the current approach that relies solely on single passwords leaves business applications highly susceptible to compromise. A recent study by Internet security company BitDefender showed that 75 percent of social networking user name and password samples collected online were identical to those used for email accounts, indicating widespread reuse of passwords across multiple applications. Coupled with the number of recent large-scale thefts, including Electronic Arts and LastPass, user credentials — and as a result, enterprise security — are more vulnerable than ever. It’s clear that relying simply on passwords to secure access to business critical applications is not sufficient.

Okta’s MFA solution is included with the core Okta service and, as a result, can be easily applied to over 1,000 pre-integrated web and cloud applications. The Okta MFA solution addresses the growing demand from customers seeking a secure, yet cost-effective second form of authentication for employees to access their business-critical applications as part of their SSO experience. It includes flexible factor options, such as security questions and an Okta-developed and supported soft token that runs on market-leading smartphones and can be used to secure any application managed by the Okta service. In addition, centralized policy management is provided to control how the MFA is applied with policy options that span location, application and frequency. And with MFA, even if a user’s password is stolen, their account is safe from unauthorized access.

Like any of the capabilities provided by the Okta service, the MFA functionality is extremely easy for administrators to deploy and manage and simple for end users to configure and use on an ongoing basis. Built on the Okta platform, the MFA framework also integrates with third-party MFA options to support a customer’s existing strong authentication solutions.

“Customers that are investing in cloud applications are keenly aware that they need a flexible and secure way to manage access to end users; however, they need a partner that can both deliver a combined solution or work alongside existing MFA services. Okta is the first company to deliver that and it comes at no additional cost,” said Todd McKinnon, founder and CEO, Okta, Inc.

“For enterprises that are adopting cloud applications, security is a primary concern and access to those applications may no longer be governed by a traditional VPN,” said Gregg Kreizman, research director, Information Security and Privacy, Gartner, Inc. “Adding MFA to your cloud single sign-on strategy is important to better control access to those business critical applications that sit outside the firewall and doing so in a way that makes it easy for IT and end users to adopt is critical.”

For more information on Okta’s MFA solution, please visit: http://www.okta.com/what-we-do/multifactor-authentication.html.