M+E Connections

Okta introduced expanded multi-factor authentication and several other new enhancements to its identity management service offerings Aug. 29 in Las Vegas, during its annual conference.

We’re seeing “technology change that’s relentless and accelerating,” CEO Todd McKinnon said during an Oktane17 keynote. The cloud services market is now worth $150 billion and “growing quickly,” driven by an increased number of mobile devices and applications, he said, predicting it will be a $152 billion market by 2020.

“New challenges” today include the increasingly important role that integration is playing, he said, adding: “Integration is everything” in this environment because ease of use, management and security all “depend on integration.” But “no one vendor can do it all,” he said.

There are now “billions of people connected to smartphones” and “every company is now a technology company” to some degree because it must build applications to better engage existing customers around current products and services, but must also create new products and services to “attract new customers,” he said.

“Someone is going to do this for every company in every industry, so it’s about either disrupting or being disrupted and I think we’d all prefer the former,” he told the conference.
Identity is the one thing that’s “central” to the entire environment and it’s the “one constant as everything around it is changing that you can hope to integrate and manage things from,” he went on to say.

But “identity needs to be elevated” because of the technology trends we’re seeing, he said. For one thing, identity has typically been a part of other platforms. Now, however, to “capitalize” on industry trends, “identity has to rise from being a part of other platforms to being an independent and neutral platform on its own,” McKinnon said.
The “future-proof” and secure Okta Identity Cloud is one such solution that companies can use, he said.

About 81% of data breaches now involve stolen or weak credentials, and safeguarding end users has become increasingly difficult due to the increased flexibility of modern mobile and cloud technology, according to McKinnon. To help IT and security teams manage today’s proliferation of users, applications and devices, Okta focuses on securing the common point in each of these scenarios – the user – which starts and ends with authentication, he said.

By integrating and securing more than 5,000 applications, IT infrastructure and devices in the Okta Identity Cloud, Okta makes creating and maintaining secure credentials easier, according to the company.

Okta has now added to its cloud-based authentication services to further mitigate the risk of data breaches from compromised credentials for each Okta user, it said in a news release. Effective immediately, Okta Single Sign-On includes a simple one-time passcode offering strong authentication for all users – making two-factor authentication now the standard for everyone that uses Okta services, the company said. Also, because reusing the same password across accounts makes it easier for hackers to gain access to credentials, Okta is rolling out a compromised password detection feature that it said will prevent all Okta users from using commonly used passwords and passwords that were exposed as part of publicly-known data breaches.

The company also announced advancements to the Okta Identity Cloud that it said were designed to “power a new independent directory standard and integration ecosystem for the extended enterprise.” Updates included a Lightweight Directory Access Protocol (LDAP) interface for Okta Universal Directory, an expanded Okta Integration Network, automated access for customers and partners, and end-to-end auditing. The new enhancements to the Okta Identity Cloud “make it easier for IT administrators to manage the breadth of on-premises and cloud-based applications, devices and people involved in modern business,” it said in a separate news release.

Okta also introduced expanded application program interfaces (APIs), new developer product capabilities and a new Developer Edition for customer and employee identity.

Okta’s expanded customer identity solution provides new functionality to help developers more easily embed a secure identity layer into any solution, it said. The new features include easy and secure authentication allowing developers to easily add Okta’s identity-driven security functionality to their own applications. Developers already use Okta to authenticate users in their custom applications with a variety of methods including passwords and biometrics, it said.

Okta has now expanded those capabilities to help organizations increase security even for users who don’t have mobile devices or physical tokens with support for email as a second factor of authentication, it said. Another new feature is rapid customization and branding so developers can ensure that each touchpoint is on brand with support for hosted and customizable registration and login pages. Instead of custom building, meanwhile, developers can now use Okta’s newly-extended, deeper pre-built workflows in their applications, it said.

With Okta’s new self-registration-as-a-service workflow, developers can now also quickly and easily set up a secure registration flow for their application’s users, it said. Okta also extended API support for common developer workflows, including email verification and password reset, making it easier for developers to customize and embed in their existing business logic, the company said.

The Oktane conference was the fifth held by the company to date and “by far our biggest,” CMO Ryan Carlson said in kicking off the keynote, adding that the room it was held in at the Aria Resort & Casino, was “nearly twice the size of any Oktane” held before it.