Covering Disruptive Technology Powering Business in The Digital Age

Home DTN news News The Best Bits From Our Visit to Oktane22 – DTN Steps Into the World of Identity
image
The Best Bits From Our Visit to Oktane22 – DTN Steps Into the World of Identity
image
November 15, 2022 News

 

Written by: Andrew Martin, Group Publisher, AOPG.

The world is opening up and our invites to attend events around the world are flooding back in.

So we took some time to drop in on the annual Okta fest – Oktane22, which took place in San Francisco last week (November 8th through to 10th).

It’s forgivable to think of Okta as niche, simply due to their maniacal focus on identity but the first thing that hits you when walking into the event is the scale, it’s a visible and physical reminder that Okta is much more than a dominant niche player. It’s something most of us know but seeing the number of people attending and the number of exhibitors supporting the event puts it into clear perspective.

It also doesn’t hurt to bring in Serena Williams as your keynote speaker – the thinking being “a big name for a big event.” I am sure she helped draw in what was a very large crowd for a 7 pm session.

Like almost everyone watching, I am in awe of her legacy and talent but was even more struck by how articulate she is and what incredible clarity of thought she brought to everything she discussed, and whilst no one expected her to be an expert on identity security, her insight on business and investing was interesting.

There was a huge amount going on at Oktane22, but if we are going to boil down the big messages that Okta seemed to want people to take away, I would pick the following.

Big Message No.1 – Anti-Phishing:

Okta announced that they are the first identity provider that can deliver anti-phish identity solutions across your entire organisation — any user, any device, and every major operating system. That starts with Okta FastPass, which is now the most comprehensive anti-phishing authenticator for the enterprise. Okta is building on what FastPass does for your workforce by using managed devices and extending to your third parties using any kind of device. With new enhanced security checks, Okta can understand the OS version, whether passcodes are enabled, and whether disks are encrypted to improve the security posture for third parties outside your own device management perimeter.

Big Message No.2 – Standing Privileges:

Okta are focusing on solving the inherent risks posed by standing privileges, where privileged accounts or users have standing access to critical infrastructure and resources. Standing privileges create more security vulnerabilities because they extend access to users who may no longer require it, and their user credentials can then become targeted assets for threat actors. Okta sees large numbers of attacks that have their origins in these kinds of standing privileges, and the ability to solve for it through a single unified solution is a pretty big departure from how the world has traditionally worked. Integrating Identity Governance and Administration (IGA) and Privileged Access Manager (PAM) capabilities with Identity and Access Management (IAM) ensures that IT has more power and control over access management without compromising on security or user experience.

Big Message No.3 – Two Clouds:

Okta is now a two-cloud company. Okta’s identity technology spans both workforce and customer identity with two purpose-built clouds: The Customer Identity Cloud and the Workforce Identity Cloud.”

The Customer Identity Cloud is the Auth0 technology that Okta acquired in 2021. It’s an easy-to-implement and customisable customer identity solution that helps organisations resolve the tension between security, privacy, and user experience for their customers. The Workforce Identity Cloud is a single control plane that gives IT and security teams the ability to manage identity across all enterprise resources and users.

A big feature of Octane22 was the depth and breadth of sponsor support we saw in the exhibition area so we took the chance to dive into the Okta ecosystem.

DTN has viewed 2022 as the year of enhanced collaboration between cybersecurity companies. Compared to other areas in the IT space, security has always been more of a community. As an example it’s rare you see storage companies collaborate closely, the same is not true amongst cybersecurity companies.

We believe that XDR has cemented the idea of collaboration because for XDR to be effective you need to share data. Any security company that wants to play in the XDR market needs to play with other security companies too.

In the case of Okta, the nature of identity-based security has meant they have always collaborated, not just with other security companies but with any application vendors who need an identity for authentication.

With this in mind, we dived into the exhibition hall to see just how much Okta “love” was going on.

For a company with such a maniacal focus, it is interesting that so many security and application companies see the value of supporting the Oktane22 expo area. With more than 50 vendors at a quick count.

Here’s some feedback we gathered about identity security in general and how companies engage with Okta from a collection of the vendors that chose to exhibit at the event.

Jules Martin – VP Eco System and Alliance at Mimecast

On Identity – “Identity is a critical element of any company’s security posture, and it’s becoming even more so, I have no doubt that that trend will continue.”

On Okta  – “Mimecast and Okta work perfectly in that respect. Our companies collaborate and share information. Mimecast is excellent at spotting possible compromises, especially via email. Mimecast and Okta integrate allowing us to inform their identity management about potentially compromised users that we uncover.”

Jeremiah Mason, SVP, Product at authID Inc

On IdentityIdentity is vital to an organisation’s security posture. Establishing strong identity assurance is critical in defending an organisation’s infrastructure against sophisticated cyber attacks. And in a digital world where bad actors are relentless when it comes to bypassing authentication methods to access sensitive information, there is no room for identity assumptions. By eliminating passwords and leveraging biometric identity authentication, organisations can accurately and securely verify an identity, eliminating any assumption of ‘who’ is behind a device, and preventing cybercriminals from infiltrating accounts and seizing assets.”

On Okta – “authID is an integration partner with Okta. Verified Human Factor Authentication (HFA) plus Okta delivers FIDO2 password-less authentication combined with biometric certainty to authenticate the human, not just the device, eliminating the risks and hassles associated with passwords. Verified enhances Okta IAM to secure desktop and mobile workforce devices with cryptographic FIDO2 passkeys, seamlessly enrolling users with a simple selfie captured in any browser. Verified plus Okta eliminates passwords, credential compromise, and related business disruption risks. In pairing frictionless identity assurance with device authentication assurance, Verified offers strong identity assurance, portable identity, and secure account recovery.”

Josh Jagdfeld – Senior Director, Alliances and Developer Relations at Jamf

On Identity – “Identity is one of the most important variables in considering an overall security strategy. Without fully understanding who the person is, the endpoint they’re using, and their current network state, it’s impossible to have a complete picture of their potential vulnerabilities. Leveraging identity allows Jamf to ensure that only trusted users on known devices have access to appropriate corporate apps and resources on an ongoing basis as part of our Trusted Access model.”

On Okta – “Apple is leading the revolution of device management and user+device identity with Okta and Jamf joining forces to deliver those innovations to our shared customers. Okta and Jamf work closely to tie the cloud identity experience into a number of user-simple but enterprise-secure IT workflows: Onboarding, device provisioning, endpoint and app lifecycle management, strong authentication into corporate apps and resources, and zero-trust network access policy enforcement. With integrations across our management and security portfolio of products, Jamf and Okta are well-positioned to provide a best-in-class experience for both admins and end-users.”

Derek Hanson, VP of Standards and Alliances at Yubico.

On Identity – “Cyber attacks and the resulting ransomware attacks and data breaches are on the rise. According to the recent Verizon Data Breach Report, the attacks that are the most successful use phishing as the foundation of the attack. These attacks boil down to the art of tricking people into revealing personal information and their credentials – including usernames, passwords, and/or authentication codes.”

“The central goal of enterprise identity strategy is to enable the right users on the correct devices to gain access to sensitive assets. The modern approach to counter this requires an IAM solution paired with strong phishing-resistant authentication. IAM Solutions that provide single sign-on solutions and strong phishing-resistant Multi-Factor Authentication (MFA) solutions are two sides of the same coin.”

“Single-Sign-On (SSO) without MFA means that when any user account is breached for a single application, that breach can easily be spread to all applications the user has access to. Strong phishing-resistant MFA without SSO means users are constantly interrupted for authentication. SSO and phishing-resistant MFA are two identity practices that are the core building blocks of preventing an entire class of cybersecurity attacks for an enterprise.”

On Okta – “Okta and Yubico have a long-term innovative and successful partnership. In 2018, Yubico and Okta launched our first joint solution for customers to enable the best-in-class one-time password solution. Since that launch, our partnership has evolved into focusing on solutions for customer demands on preventing phishing.”

“Today using WebAuthn, YubiKeys and Okta deliver the strongest level of authentication assurance and defence against phishing and man-in-the-middle attacks. A user can use their YubiKey as the primary, step-up, or backup authentication method in conjunction with Okta Adaptive MFA, ensuring secure user access at all times.”

Okta and Yubico make strong authentication easy to adopt and manage by:

  • Enabling customers to securely and easily authenticate any enterprise application with Okta’s services and YubiKeys to prevent credential compromises.
  • Provide high-assurance authentication methods for organisations of any size or complexity that need to meet authentication.
  • Providing an always-on and always-available strong authentication solution with YubiKeys that are crush and water-resistant, and require no batteries.

Andy Horwitz, VP Business Development Netskope

On Identity – “In today’s digital world, where users are accessing data from anywhere, on any device, and at any time, strong digital identity management has never been more important. Having confidence that the identities accessing an organisation’s data are legitimate and authorised is the cornerstone of ensuring trust in our digital ecosystem.”

On Okta – “Okta is a strategic technology partner for Netskope. Thousands of companies leverage our integrations every day.  Together, we provide organisations with simple and secure access to tens of thousands of applications in the cloud, whether sanctioned or unsanctioned. Effectively, with Okta, companies can manage single sign-on convenience to all the cloud applications that the company have approved for use, and Netskope couples with that to make sure that whatever usage is happening in those cloud applications is done securely, protecting both users and company data with a single set of policies for data loss prevention and threat protection. Every application needs authorisation and access. Our partnership with Okta allows us to offer a more complete security solution, designed for a cloud-first world, where the protection goes around the individual, the application, the device and the data wherever they go.”

(0)(0)