SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Proofpoint integrates people-centric protection with Okta’s Identity Cloud
Mon, 9th Sep 2019
FYI, this story is more than a year old

Cybersecurity and compliance company Proofpoint has today announced an expansion to its technology partnership with identity and access management services provider Okta to bolster how organisations protect their most at-risk users from sophisticated cyberattacks.

Through this streamlined integration, joint customers can leverage Proofpoint's people-centric Targeted Attack Protection attack index, which scores threats based on their criticality, to identify their very attacked people (VAPs) and apply stronger access controls to better protect those users with the Okta Identity Cloud.

“Our Okta partnership delivers exceptional value for our customers and channel partners—and today we are expanding on our commitment to helping organisations automatically dial-up protection for their users that receive the most critical and targeted phishing, malware, and impostor attacks,” says Proofpoint Cybersecurity Strategy executive vice president Ryan Kalember.

“Adversaries continue to attack specific people within organisations, including many that aren't traditionally considered likely victims.

“Our people-centric intelligence provides essential insight into who an organisations' VAPs are and how they are being attacked.

While we have several adaptive controls built into our solutions, our partnership with Okta extends these capabilities to include identity and access management and provide additional account protection in seamless, cloud-to-cloud integration.

Joint Proofpoint and Okta customers can now integrate Proofpoint Targeted Attacked Protection (TAP) user risk insight with the Okta Identity Cloud.

Users that are identified as VAPs by Proofpoint will automatically be placed into a high-risk user group in Okta, allowing administrators to apply adaptive policy controls and higher assurance factors before granting access to resources.

Okta Integration Network vice president Chuck Fontana says, “At Okta, our mission is to enable any organisation to securely use any technology – making sure the right users have access to the right resources, at the right time, and preventing access to unauthorised users or requiring stronger assurance in high-risk scenarios,” says.

“By partnering with Proofpoint, we can provide our joint customers with the ability to automatically detect high-risk users and apply stronger authentication controls and policies to those users.

“This makes it easier and more efficient for administrators to identify and take action on today's biggest security threat, people - and their identities - to improve the security posture of their organisation.

With this integration, joint customers can apply adaptive controls such as;

  • Assign application access or restrict access to sensitive applications
  • Apply dynamic access policies aligned to user risk, including limiting session length and requiring higher assurance factors for MFA
  • Adjust a user's role and entitlement for authorisation in downstream applications
  • Adapt password policies for complexity, history, expiration, and reuse

This latest Okta integration also builds on the existing Proofpoint Threat Response Auto-Pull (TRAP) integration, which enables security teams to orchestrate response actions to protect users who have clicked on phishing links.