Okta, Inc. has introduced Okta SecurityInsights, a family of product innovations that provides global organizations with personalized security detection and remediation capabilities at the end user, administrator, and customer network level. Okta is introducing two features of SecurityInsights: UserInsight, suspicious activity reporting for end users, and HealthInsight, customized, dynamic security best practice recommendations for administrators. These end user and administrator functionalities build on Okta’s investments in ThreatInsight, network effect-driven protection that prevents threat actors from compromising user accounts by identifying and blocking malicious IPs pre-authentication. Collectively, SecurityInsights enables large enterprises to take meaningful action across their organizations to improve security.
Global enterprises have built rapidly-evolving, expansive workforces that continuously adopt new technology and engage with new markets. As a result, tens of thousands of employees, contractors, and partners are interacting with and accessing sensitive information. Aside from the efficiency hurdles, a distributed and disparate workforce presents an increasingly difficult security challenge, especially in the face of growing attacks and breaches where everyone from the rank and file to the executive suite could become attack targets. In a global threat landscape in which 80 percent of attacks involve compromised or weak credentials, enterprises must maintain a security posture that accounts for dynamic and global workforces while still enabling robust protection at scale. That means implementing and maintaining access management best practices across global workforces and simultaneously turning those potential victims of attacks into first responders.
“Enterprises operating at tremendous scale are faced with the seemingly impossible task of managing technology access, with each application requiring individual policy configuration in order to avoid potentially catastrophic risk. By centralizing identity, these organizations can not only deploy new technology faster, but do so securely,” said Diya Jolly, Chief Product Officer, Okta. “HealthInsight goes even further to secure large scale organizations, offering a tailored assessment of an organization’s security posture as well as providing the unique ability to automate policy responses across hundreds of apps. With UserInsight, CISOs can harness their massive user base to seamlessly report suspicious activity without impacting productivity, turning security targets into first responders. Collectively, SecurityInsights leverage the end user, administrator, and network effects across Okta’s customer base to help keep enterprises secure, regardless of their size or complexity.”
Empowering Administrators
As global security and IT administrators implement policies that govern identity and access management within their organizations, the security landscape continues to evolve. Approaches that were once the gold standard fall out of practice, with new approaches being adopted regularly. To counter this shifting security playing field, Okta has introduced HealthInsight, a new, dynamic offering that monitors adherence to security best practices and provides tailored configuration recommendations, like enforcing strict password policies, creating a block list for known malicious IP addresses, and requiring strong factors during factor enrollment. Administrators can easily act on these recommendations right from the HealthInsight console to help prevent credential-based attacks.
In addition to implementing security best practices through dynamic monitoring, Okta has also unveiled new, stronger authentication capabilities for administrators, unlocking passwordless access through FIDO2/WebAuthn factors, including biometrics. These non-phishable factors go even further to empower large organizations to protect themselves against account takeover and potential data loss.
Engaging End Users and the Ecosystem
With UserInsight, an organization’s tens of thousands of end users serve as the first line of defense against credential-based attacks. Once attacks are identified, the Okta Identity Cloud works seamlessly with technology partners including Security Orchestration, Automation & Response (SOAR) and Security Information & Event Management (SIEM) vendors, leveraging identity to automate incident remediation workflows throughout an organization. With millions of log entries in an organization’s SIEM solutions, it’s impossible for security teams to monitor and respond to every potential issue, but now users can share the responsibility.
UserInsight’s suspicious activity reporting alerts end users to anomalous activity within their account, including logins from new devices and the enrollment or resetting of multi-factor authentication factors. After being notified, end users have the ability to report unrecognized activity to their organization’s administrator, kicking off automated incident response workflows. Leveraging integrations with SOAR platforms and other security tools, Okta can automatically quarantine a user, preventing access to apps with sensitive data until identity verification can be confirmed through biometrics and Okta Verify Push, Okta’s mobile authenticator application. Using Okta Hooks, an Okta administrator can also automatically notify SecOps teams of potential account compromise, through integrations with digital operations platforms like PagerDuty.
"As a leader in pharmaceuticals, Allergan has grown through a series of acquisitions to build a thriving global workforce that includes tens of thousands of employees and contractors,” said Sandy Dalal, Head of Identity and Access Management, Allergan. “We understand the pivotal role identity plays in protecting our people and our intellectual property, and rely on Okta to help us create policies that empower our people and instill best practices. With Okta, Allergan is able to not only standardize and centralize our approach to identity, but actively improve our security posture.”