UPDATED 09:00 EDT / OCTOBER 16 2024

SECURITY

Okta expands Workforce Identity Cloud with new security enhancements and AI governance tools

Identity access management company Okta Inc. today made a number of announcements aimed at enhancing security and developer capabilities across its platform, a new partnership with the OpenID Foundation to bolster identity security across software-as-a-service applications, and a new suite of tools for securing artificial intelligence integration.

Starting with new enhancements to Workforce Identity Cloud, Okta’s first announcements aim to address key security challenges enterprises face today. Okta has announced the introduction of Secure SaaS Service Accounts, which provide centralized control over shared accounts to reduce the risks associated with unmanaged SaaS applications. Through the provision of vaulting, credential rotation and step-up multifactor authentication, organizations can better protect sensitive service accounts from unauthorized access.

Also new today is a new “Governance Analyzer” powered by Okta AI, which seeks to reduce governance risks across the enterprise. The tool provides real-time risk assessments and actionable insights that allow managers to make faster, more informed authorization decisions. Governance Analyzer surfaces critical usage data and previous governance decisions to ensure that access control is continuously optimized.

Okta has also introduced stronger user verification features to combat social engineering and deep fake attacks. The new verification features include out-of-the-box integrations for identity verification that allow organizations to integrate third-party providers for secure employee and partner authentication. The new verification features also offer support for providers such as Persona Inc. and upcoming integrations with Incode Technologies Inc. and Onfido Ltd. to help reduce the risks of onboarding and recovery exploits.

The company is also improving the user experience with the rollout of Extended Device Single Sign-On, expected to be in general availability by early 2025. The feature simplifies access by binding a users’ identity to their devices, minimizing the need for repeated authentication prompts while maintaining robust security.

Identity security standard

Okta today announced the launch of the Interoperability Profile for Secure Identity in the Enterprise, a new open standard developed in collaboration with the OpenID Foundation. The standard launches with support from industry leaders, including Microsoft Corp. and Ping Identity Corp. It’s aimed at enhancing identity security across SaaS applications by integrating technologies such as single sign-on, risk signal sharing and session termination into a unified framework.

The IPSIE standard has been designed to address the growing challenges of managing identity security in the cloud. The standard introduces standardized practices for governance, entitlement management and continuous authentication that allow organizations to gain better control over identity risks.

Okta has partnered with more than 50 leading enterprise SaaS applications, including Google LLC, Microsoft Office 365 and Slack, to support the adoption of IPSIE. The applications will integrate features aligned with the new standard to make it easier for companies to build secure-by-default SaaS products.

Auth for GenAI

With the final announcement, Okta introduced Auth for GenAI, a product designed to help developers securely integrate generative AI into their applications. The new toolset addresses AI-specific risks such as hallucinations and excessive agency by providing secure user authentication and application programming interface management that allows developers to implement AI-powered features with confidence while knowing that sensitive data is protected.

Auth for GenAI includes key features, including Async Authentication and Fine Grained Authorization, that enhance security and the user experience. Async Authentication allows users to approve or reject AI-driven actions remotely and fine-grained authorization ensures that AI agents access only the data each user is authorized to see. These features help prevent sensitive information from being disclosed inappropriately.

Additionally, Okta unveiled a new developer portal to support companies in building AI-ready applications. The portal has been designed to make it easy for developers to securely expose APIs to AI agents to ensure the integrations are protected from potential security threats.

Photo: Okta

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU