About Okta:
Okta is a trusted player in the Identity & Access Management domain and is renowned for its best-in-class products & services. By leveraging the cloud, Okta allows users to access applications on any device at any time, while still enforcing strong security controls. Okta integrates with your organization’s existing directories, HRMS / application directories and 3rd party identity systems to establish a central directory structure. Okta has an app catalogue of 8,000+ app integrations, which gives users a seamless SSO experience for accessing their integrated, entitled applications from a single dashboard. Okta Workforce Identity Cloud is a platform for your employees, contractors, or partners to access your organization’s digital resources.
The Okta platform spans the following identity domains, with capabilities built around these core pillars:
- Access Management.
- Identity Governance & Administration.
- Privileged Access
Access Management:
Access Management focuses primarily on granting & revoking privileges to access an application or data, or to perform actions on applications / systems. The main objectives of Access Management are to authenticate users, authorize the actions users attempt & account for the activities / actions performed.
Okta is aligned to these guiding principles and ensures the right users have access to the right resources at the right time through a variety of products & services listed below.
- Single Sign-On
- Adaptive Multi Factor Authentication
- Password-less Authentication
- Identity Federation
- Access Gateway
- Security Policies
- Behavior Detection
- Identity Threat Protection
Identity Governance & Administration:
Identity Governance & Administration focuses on governance, compliance & visibility across the identities spread throughout an organization. Identity Governance is about policies around separation of duties, access requests for role management, access certifications to validate access privileges, and finally analytics & reporting. Identity Administration is focused on provisioning users to the requested applications / resources, managing changes in a user's role with the appropriate access privileges & deprovisioning access privileges when access is no longer required. IGA systems are designed to give organizations visibility into access sprawl and provide better controls to identify and limit access creep across their resources.
Okta manages IGA diligently and the IGA architecture is perfectly balanced by leveraging the following products & services:
- Access Governance
- Access Requests
- Access Certifications
- Reporting
- Entitlement Management
- Lifecycle Management
- Okta Workflows
Privileged Access Management:
Privileged Access Management revolves around securing & monitoring access to critical systems initiated by privileged users such as IT administrators, application owners, contractors or 3rd party vendors who manage the infrastructure on your behalf. Users who hold privileged access are susceptible to cyber security attacks, and an attack that goes unnoticed results in a higher risk to the organization's overall security posture. Compromising privileged accounts hands malicious actors the key to the organization’s digital assets.
Because Okta is a cloud Identity Provider with tight integrations between these core pillars, Okta Privileged Access helps organizations reduce risk by leveraging the IGA & Access Management services for privileged resources irrespective of where the resources originate, cloud or on-premises servers. This delivers better visibility, security, and compliance, without compromising on the user’s experience. Okta Privileged Access key capabilities are as follows:
- JIT access to the infrastructure
- Session recording & Auditing
- Secrets Vaulting
- Privileged Access Governance
- Service Account management for Applications.
Demonstration of Core Capabilities:
Here’s the video covering the core capabilities & workflow, showcasing a few real-time scenarios.