Cracking the authentication conundrum, with Okta
Your organization probably uses a dozen apps and services, and the tally of digital platforms in everyday use is likely to rise as systems become more embedded into digital workflows. A few years ago, office personnel probably used Office and a web browser, and non-office workers barely touched any technology at all. Now, of course, the situation is that every department, every working group, and many individuals are spinning up online services, firing up apps, and signing onto SaaS platforms.
With each of these services and apps often requiring authentication, it’s understandable that insecure cybersecurity attitudes will creep in. Using the same password for multiple services, “lending” colleagues log-on credentials to keep on a free or cheap tier of a SaaS, and generally subverting password policies all become part of regular practice. It is, after all, about getting the job done, quickly; and security concerns too often take a back seat.
Some companies still rely on single sign-on methods only to authenticate users – policies that are very much out of date and weren’t ever really conceived to cope with new working methods and the rise of new threats. Microsoft’s SSO offering, for example, requires managing up to five separate applications (ADFS, MIM, Azure AD Connect et al.) and integrating them with the Azure cloud. Okta customers can deploy SSO from Active Directory quicker and suffer no trade-off between ease of use and full functionality.
Companies that are lighter, more agile, and more tuned to cloud working are now called upon to provide more secure multi-factor authentication (MFA) solutions. Okta is a prime example: cloud-based, business-oriented, broadly encompassing in terms of MFA methods and adaptable to employees’ and organizations’ needs.
Okta’s platform provides a range of authentication methods, which offer a way to fill the cybersecurity holes mentioned above, plus give a viable framework for tomorrow’s business practices too. There are a few immediate “wins”, in addition to shoring up the cyber defenses overnight after deployment, among them:
- An SSO for the raft of Microsoft platforms: desktop Office plus Lync & OneDrive for Business, Office 365 online, web & native apps on iOS & Android, plus hosted Exchange Online, SharePoint Online, and Lync Online.
- Multifactor authentication to remove issues of weak passwords, “borrowed” passwords, stolen or phished passwords, and use of the same password for different apps, at work and home.
- A significant contribution to data regulation compliance.
- Immediate management of an encompassing IAM policy framework.
- Huge time savings for staff involved in manual password management.
- Granular privilege sets easily set up, maintained and rolled out.
- Short-term access quickly granted, and compromised accounts promptly rescinded.
Depending on your particular settings and requirements, the Okta platform lets you use different types of authentication. For instance, it may be considered ideal that temporary contractors are equipped with a physical token to gain access to systems (or a building), as the card or USB stick can just be returned at contract’s end. At the other ends of the scale, highly selected administrators may need biometric authentication, while office staff may be suited by occasional OTP verification, backed with Okta’s intelligent, adaptive context, IP- or network-aware routines.
The Okta framework slips easily into your changing app and service eco-system, integrating with cloud-based or in-house services as an overarching password and authentication control device. Additionally, if you’re writing or commissioning your own apps, the Okta codebase is entirely OAuth 2.0-compliant, and individual access tokens are instantly revocable.
Part of maintaining a sound and effective cybersecurity policy is to ensure that protocols are not subverted – when they are, it’s often due to users not willing to jump through the necessary hoops to get the access they need. That’s where the balance between authentication stringency and usability isn’t working. However, Okta’s solutions not only restore the balance but ensure that access gets granted only to the right people, at the right time.
So if your organization is making a dash to fully cloud-based services, or is keeping its on-premise stack, or somewhere in between, Okta will be with you to ensure whatever your progress, it’ll be safe, secure and compliant.
- Personal details of 106 million international travelers to Thailand exposed
- Embedded finance ensures BNPL is not making banks irrelevant
- Only a third of developers truly understand the security policies they work with
- There’s a gender barrier to mobile phone ownership in Asia – and it matters
- Advocating a sustainable environment with modern technologies