Story image

Okta enhances its Adaptive Multi-Factor Authentication

01 Sep 17

Global Identity and Access Mangement (IAM) provider Okta has announced new functionality for its cloud-based Okta Adaptive Multi-Factor Authentication (AMFA).

The announcement came at the company’s annual Oktane conference in Las Vegas, which saw record attendance figures of over 2500 people.

Okta AMFA will now provide a more comprehensive set of authentication factors and robust policy frameworks that support contextual access management and adaptive, risk-based authentication.

AMFA will also support a broader set of applications, and can now be used for RDP, LDAP, other Single Sign On (SSO) products, ADFS, custom web apps and RADIUS.

It’s an effort to bolster the effectiveness and reach of the Okta Identity Cloud and more specifically the Okta application network, which the company has renamed, now calling it the Okta Integration Network.

Yassir Abousselham, Okta, chief security officer says the announcement is significant as credential harvesting is becoming a bigger security concern for cloud-based organisations with more data in more locations.

“Identity is now the security team’s last control point because security can’t manage every single person, device and app; what they can control is who has access to information, and when,” he says.

“With enhancements to our AMFA solution, marking multi-factor authentication as the new standard of identity-driven security, and the ability to make smarter security decisions based on context, we’re helping to ensure the right person gets access to the right resources, at the right time.”

The Okta Identity Cloud closely monitors access behaviours to determine when there is a potential threat actor using compromised credentials to gain access to sensitive company information.

With this intelligence, organizations using Okta AMFA can detect anomalies based on the user’s location and client, such as OS and browser user agent – helping them make more intelligent access decisions based on the context of the authentication event.

Organisations with AMFA can also now use Okta’s device trust capabilities to determine whether or not an authentication event is coming from a trusted/untrusted device, ensuring only trusted devices can access business critical applications such as Office 365, Workday or Salesforce.

The company also announced that basic two-factor authentication now comes standard for every Okta user, with the company’s Single Sign On (SSO) service now coming bundled with basic 2FA.

This means Okta SSO will now include a simple one-time passcode strong authentication for all users – making two-factor authentication now the standard for everyone that uses Okta.

Using blockchain to ensure regulatory compliance
“Data privacy regulations such as the GDPR require you to put better safeguards in place to protect customer data, and to prove you’ve done it."
A10 aims to secure Kubernetes container environments
The solution aims to provide teams deploying microservices applications with an automated way to integrate enterprise-grade security with comprehensive application visibility and analytics.
DigiCert conquers Google's distrust of Symantec certs
“This could have been an extremely disruptive event to online commerce," comments DigiCert CEO John Merrill. 
One Identity a Visionary in Magic Quad for PAM
One Identity was recognised in the Gartner Magic Quadrant for Privileged Access Management for completeness of vision and ability to execute.
How to keep network infrastructure secure and available
Two OVH executives have weighed in on how network infrastructure and the challenges in that space will be evolving in the coming year.
Gartner names newcomer Exabeam a leader in SIEM
The vendor landscape for SIEM is evolving, with recent entrants bringing technologies optimised for analytics use cases.
52mil users affected by Google+’s second data breach
Google+ APIs will be shut down within the next 90 days, and the consumer platform will be disabled in April 2019 instead of August 2019 as originally planned.
Symantec releases neural network-integrated USB scanning station
Symantec Industrial Control System Protection Neural helps defend against USB-borne cyber attacks on operational technology.