SAN FRANCISCO — April 2, 2019 — Okta, Inc. (NASDAQ:OKTA), the leading independent provider of identity for the enterprise, today at Oktane19 announced Okta Advanced Server Access, a new product to bring continuous, contextual access management to secure cloud infrastructure, available today. For the first time through the Okta Identity Cloud, enterprises will be able to continuously manage and secure access to on-premises Windows and Linux servers and across leading Infrastructure as a Service vendors including Amazon Web Services, Google Cloud Platform, and Microsoft Azure. Using Okta Advanced Server Access, companies like Personal Capital and Workiva are centralizing access controls in a seamless manner that better mitigates the risk of credential theft, reuse, sprawl, and abandoned administrative accounts.
Organizations are grappling with how to secure a diverse and broad set of applications and infrastructure across a disparate, extended enterprise. Increasingly, organizations of all sizes are recognizing the need for a Zero Trust framework that limits excessive user permissions and access while requiring continuous authorization. However, the credentials traditionally used to access servers — Secure Shell (SSH) keys and Remote Desktop Protocol (RDP) passwords — are static, creating significant vulnerabilities across a company’s network. Enterprises are struggling to keep track of who has the keys to access servers running mission-critical workloads and storing valuable data, and are woefully limited when it comes to provisioning and deprovisioning powerful administrative accounts. With many organizations relying on multi-cloud infrastructure, technology leaders are left with limited visibility and agility when it comes to their critical, high risk infrastructure, and no central way to control and continuously secure their hybrid environments.
“Today’s enterprises rely on cloud platforms and hybrid environments to build the products their customers rely on and engage with daily,” said Todd McKinnon, Chief Executive Officer and co-founder of Okta. “It’s the right approach for agile innovation, but server access has traditionally relied on shared credentials that may never change, and that creates significant vulnerabilities for any large or growing organization. Without a clear tie back to user identity, technology leaders lose visibility, agility, and ultimately security. Okta Advanced Server Access brings centralized identity security to organizations leveraging on-premises, hybrid, and cloud infrastructure to not only increase security, visibility, and control, but to create a significantly better experience for the teams building innovative products.”
Taking Centralized Identity and Access Deeper
Designed with a revolutionary Zero Trust architecture from the ground up, the Okta Identity Cloud is capable of making smart access decisions based on dynamic user attributes and device conditions, where every login is independently authenticated and authorized. Okta Advanced Server Access gives organizations the ability to make granular access decisions about an individual login request continuously. Access controls are backed by a revolutionary one-time, short-lived credential mechanism that eliminates the common pain of tracking and protecting static keys. Whether an organization is securing its on-premises infrastructure, cloud infrastructure, or hybrid environments, Okta Advanced Server Access serves as a critical solution to a growing enterprise security problem — all while centralizing granular access control, lifecycle management, and administration through the Okta Identity Cloud.
Okta Advanced Server Access enables enterprises to:
- Mitigate the risk of credential theft: Okta Advanced Server Access replaces static keys and passwords commonly used to access servers with just-in-time, single-use client certificates.
- Centralize access controls to servers: Using Okta Advanced Server Access, customers can automate the end-to-end lifecycle of local server user and group accounts under a single directory. It delivers seamless SSO and MFA authentication to SSH and RDP workflows, inline to the protocols, while introducing contextual access controls based on dynamic user and device posture.
- Remove barriers to automation: With Okta Advanced Server Access, it is easy to automate server enrollment into the configuration management of choice, including Chef, Puppet, Ansible, and Terraform. Customers can support multi-cloud environments with a unified control plane that abstracts each provider’s IAM functions, and makes every actionable event an API, allowing for custom workflows.
- Deliver a seamless end user experience: Okta Advanced Server Access works in line with the SSH and RDP protocols, integrated natively with CLI and GUI tools. As a SaaS-delivered product, Okta Advanced Server Access abstracts the complexities of credential management, account management, and more. Automation makes it easy to configure dynamic environments, eliminating redundant tasks without compromising security.
“Personal Capital brings clarity and confidence to people’s financial lives through the combined power of technology and advice,” said Maxime Rousseau, Chief Information Security Officer of Personal Capital, a leading digital wealth management company. “With more than 2 million users registered for our free personal finance tools and $9 billion in assets under management, trust is a core component of the Personal Capital brand. To maintain it, we've secured our cloud access in a highly efficient and frictionless way. Okta and Advanced Server Access has been a natural fit, and the benefits have been clear: our critical infrastructure is locked down from the traditional access control methods that would expose it to static credentials risks.”
Okta Advanced Server Access is available starting today. For more information, visit: https://www.okta.com/products/advanced-server-access