Okta enhances security features to tackle identity threats

Okta has introduced new features to its Workforce Identity Cloud aimed at mitigating security challenges related to unmanaged identities, social engineering, and multi-factor authentication (MFA) overload.

Enterprises are increasingly concerned about identity breaches, with statistics showing that 80% of breaches involve compromised credentials. Additionally, Fortune 1000 companies experienced 1.9 billion stolen session cookies last year. Another pressing issue is the unmanaged risk from the extensive use of SaaS applications, which average over 1,000 per enterprise. Social engineering and deep fake attacks further complicate security, as they have surged in sophistication, with financial services experiencing a 700% increase in deep fake incidents. Despite rising MFA adoption in response to these threats, only about 9% of companies have implemented phishing-resistant MFA such as Okta Fast Pass, which is reported to be three times faster to use.

Arnab Bose, Chief Product Officer for Workforce Identity Cloud at Okta, commented, "Identity acts as the first line of defense for critical apps and the connective tissue between security signals, no matter the speed at which an organization moves or the complexity of their technology stack. By continuously investing in the Okta Workforce Identity Cloud, we're able to build a more reliable, scalable, and trusted platform that is empowering our customers to adopt a more unified approach to security."

One of the newly introduced capabilities, Secure SaaS Service Accounts, will be part of Okta Privileged Access. These features aim to safeguard non-federated SaaS accounts through measures such as vaulting, credential rotation, and step-up MFA before secret revelation. This will centralise control and mitigate risks associated with traditional identity management gaps.

Another addition is the Governance Analyzer with Okta AI, which is set to be a feature of Okta Identity Governance. It will provide managers and approvers with insights like usage data and previous governance decisions for making fast, informed authorisation decisions. The Governance Analyzer will also utilise real-time risk assessments and recommendations to enable more seamless access decisions, learning and adapting to provide lower-risk insights over time.

With the rise in social engineering attacks, Okta will soon introduce Out-of-the-box Integrations for Identity Verification. This feature, currently in early access, is designed to enhance user verification by integrating third-party providers to validate identities without custom configurations. The aim is to counteract the ongoing threats by using government ID verification and liveness checks.

To enhance security while also improving user convenience, Okta plans to roll out Extended Device Single Sign-On in Q1 2025. This will create a more secure and seamless sign-on experience by cryptographically binding user identities to devices at login, decreasing the likelihood of exploits and reducing authentication prompts.

Additional upcoming features from Okta include Advanced Posture Checks for real-time device compliance, Enhanced Disaster Recovery with self-service failover, and compliance certifications such as HDS in France, TISAX in Europe, and ENS High in Spain.