Meet Okta Adaptive MFA

We’re pleased to announce that our new product, Okta Adaptive Multi-factor Authentication (MFA) is generally available today.

Okta Adaptive MFA, which companies can purchase as a standalone product, offers a broad set of easy-to-use factors combined with policy-driven contextual access management — all informed by data from our thousands of customers and their millions of devices, users and authentications. As we shared in our recent Businesses @ Work report, we’ve seen a 40 percent increase year-over-year in MFA adoption (along with a 46 percent increase in data breaches year-over-year). Okta Adaptive MFA meets organisations’ security and user experience needs, providing an additional layer of protection for people, organizations and their most sensitive data while maintaining a simple user experience.

We designed Okta Adaptive MFA with a heavy focus on factors that people want and like to use, like Okta Verify with Push. Through Okta’s new partnership with Yubico, Okta customers can now also use YubiKeys to authenticate. YubiKey is a hardware authentication device that protects access to user accounts and makes it fast and easy for users to access applications. Okta Adaptive MFA also supports SMS for users without access to smartphones. And even though Okta is a cloud-based service, we have secure, on-premises agents that support popular protocols such as RADIUS to integrate our MFA capability easily with existing VPN infrastructure.

Over time, we will evolve our Adaptive MFA product to benefit from the massive amount of signal data we capture across our thousands of enterprise customers to better protect each and every organization. When we detect suspicious access patterns in one or several organizations across Okta’s multi-tenant cloud, we can act on that data to better protect all Okta organisations. With Okta Adaptive MFA, there’s truly safety in numbers.

Here are a few highlights of the new product:

• Contextual access: IT can set contextual access policies that require step-up authentication, or deny access, based on data about users, devices and the request, including the network, location or application. Additional policies include re-authentication and group based enrollment.
• Risk profiling: Okta will make intelligent decisions and proactively protect organisations and industries by using behavioural patterns, combined with data from a network of global authentication trends to identify risk. Users will only be prompted for MFA when unusual or risky behaviour is detected.
• Integration with apps and VPNs: With Okta Adaptive MFA, organisations can take advantage of the 500+ SAML-enabled applications in the Okta Application Network. And through Okta’s RADIUS server agent, customers can integrate VPN and other on-prem infrastructure to centrally enforce MFA for all applications and network access, and protect applications that do not natively support MFA or specific factors.

London Gatwick Airport Soars with Okta MFA
London Gatwick Airport, the second largest airport in the UK, serves around 38 million annual passengers flying to 200+ destinations across 90 countries and trusts Okta Adaptive MFA to secure access for its 2,600 employees. CIO Michael Ibbitson highlights the product’s marriage of security and usability in our press release:

“London Gatwick Airport’s employees are not just located in an office — they’re based in airport security, on the airfield, or in the terminals, so we need secure communications and access anywhere, anytime. The risks involved make MFA for apps and services vital for data protection. We love the fact that Okta Adaptive MFA is easy to use and we can choose from factors like SMS and Okta Verify.”

If you’re interested in joining in Gatwick’s success with Okta Adaptive MFA, check out the video below or the product here: https://www.okta.com/product/adaptive-mfa/.