Story image

Okta enhances its Adaptive Multi-Factor Authentication

01 Sep 2017

Global Identity and Access Mangement (IAM) provider Okta has announced new functionality for its cloud-based Okta Adaptive Multi-Factor Authentication (AMFA).

The announcement came at the company’s annual Oktane conference in Las Vegas, which saw record attendance figures of over 2500 people.

Okta AMFA will now provide a more comprehensive set of authentication factors and robust policy frameworks that support contextual access management and adaptive, risk-based authentication.

AMFA will also support a broader set of applications, and can now be used for RDP, LDAP, other Single Sign On (SSO) products, ADFS, custom web apps and RADIUS.

It’s an effort to bolster the effectiveness and reach of the Okta Identity Cloud and more specifically the Okta application network, which the company has renamed, now calling it the Okta Integration Network.

Yassir Abousselham, Okta, chief security officer says the announcement is significant as credential harvesting is becoming a bigger security concern for cloud-based organisations with more data in more locations.

“Identity is now the security team’s last control point because security can’t manage every single person, device and app; what they can control is who has access to information, and when,” he says.

“With enhancements to our AMFA solution, marking multi-factor authentication as the new standard of identity-driven security, and the ability to make smarter security decisions based on context, we’re helping to ensure the right person gets access to the right resources, at the right time.”

The Okta Identity Cloud closely monitors access behaviours to determine when there is a potential threat actor using compromised credentials to gain access to sensitive company information.

With this intelligence, organizations using Okta AMFA can detect anomalies based on the user’s location and client, such as OS and browser user agent – helping them make more intelligent access decisions based on the context of the authentication event.

Organisations with AMFA can also now use Okta’s device trust capabilities to determine whether or not an authentication event is coming from a trusted/untrusted device, ensuring only trusted devices can access business critical applications such as Office 365, Workday or Salesforce.

The company also announced that basic two-factor authentication now comes standard for every Okta user, with the company’s Single Sign On (SSO) service now coming bundled with basic 2FA.

This means Okta SSO will now include a simple one-time passcode strong authentication for all users – making two-factor authentication now the standard for everyone that uses Okta.

SecOps: Clear opportunities for powerful collaboration
If there’s one thing security and IT ops professionals should do this year, the words ‘team up’ should be top priority.
Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.