The “Go Beyond” theme of Oktane23, Okta’s annual conference, highlighted how identity is moving beyond its roots as an obscure but necessary addition to the IT operations domain to become the core of IT and cybersecurity infrastructure .
I found the theme of Go Beyond to be exemplified by Okta’s key AI announcements. Okta is going beyond marketing buzzwords by integrating artificial intelligence across its entire product portfolio to transform the user experience and increase security. Okta AI is designed to enable organizations to create better experiences and protect against cyberattacks.
AI for identity
Fundamentally, to be useful, AI requires three things: data, models, and actions. Okta has an advantage over other cybersecurity and identity vendors in that it has built a massive body of identity-specific data gleaned from years of operating SaaS identity software for the workforce. work and customers with more than 18,000 customers. This allows Okta to train and update its AI models on domain-specific data, so that the AI delivers more appropriate, accurate, and efficient results.
AI is best used when it can act directly, rather than providing instructions and relying on humans to act. This is where Okta has another advantage: the pre-existing Okta Workflows automation and orchestration solution that Okta AI uses to take action when necessary.
On the staff side, IT and security teams can use Okta AI to optimize policies, simplify user experience, and automate threat detection and responses. Most importantly, Okta AI allows administrators to move from static, one-off analyzes to dynamic, data-driven risk assessments throughout the user session.
On the customer side, developers and non-technical digital teams can use Okta AI to improve registration and login flows, increase bot detection accuracy, and accelerate application development.
A key feature presented by Okta at Oktane23 was the ability to leverage Okta’s AI in A/B testing of UI decisions, where the AI provides suggestions based on real data collected from experiments combined from all Okta customers. This can enable even those with little or no user experience expertise to create effective registration and login flows that optimize app interactions and user engagement.
While I think Okta will be transformative, I’m still concerned about data security, especially when using customer data in large, opaque AI models. Okta has emphasized its commitment to data security and privacy by keeping customer personal data separate and eliminating private and sensitive data from AI training datasets.
Okta Identity Threat Protection and Universal Logout
Identity threat detection has been around for a long time – we used to call it user and entity behavioral analysis (UEBA). The sad truth is that existing software and computing power limited UEBA’s capabilities to basic, simplistic use cases, such as detecting impossible moves or geolocation based on IP address.
Over time, UEBA has evolved into identity threat detection and response (ITDR) focusing on using modern analytical capabilities to extend detection to more complex identity-related threats.
I’m really excited about how Okta’s new identity threat protection can take UEBA/ITDR two more big steps forward. First, Okta AI was trained on real identity data, including real identity attacks. This makes the AI model more accurate, provides greater coverage for complex real-world attack scenarios, and likely makes the AI faster, allowing it to detect attacks as they occur rather than after the fact.
But what happens when an attack in progress is detected? The traditional process during an investigation is to terminate all active sessions to eject the attacker from the environment. This, however, is a very difficult task that requires the security team to first manually identify all applications and accounts associated with a targeted/compromised identity and then manually log in to each application as administrator to end the connection. This provides the attacker with a large window of opportunity to move laterally through the environment, compromising additional identities and systems and causing untold damage.
Okta is uniquely positioned within the IT environment in that Okta Workforce Identity Cloud is involved in every connection to every application in the environment and knows every active session. This allows us to take a second major step in the advancement of ITDR: the universal disconnection of Okta. Once an attack is detected, Okta Identity Threat Protection can use Okta Workflows to automatically terminate every active connection, session, and invalidate session cookies or other long-lived access tokens.
This transforms the way identity and security professionals respond to threats, significantly narrowing attackers’ window of opportunity.
Access keys for Customer Identity Cloud
At the end of 2022, I predicted that 2023 would be the year of passwordless authentication. Indeed, Apple, Google, and Microsoft are all integrating support for FIDO passwords into all browsers and devices.
With a simple setup for Okta Customer Identity Cloud, developers and digital teams can enable phishing-resistant passwordless authentication.
How important is this? According to my Recent research on passwordless authentication, 25% of organizations have already implemented passwordless for their customers. More importantly, 51% of them are in the testing and proof-of-concept phase, and 10% plan to evaluate the passwordless system in the next 12 to 24 months.
The demand for passwordless authentication is high because most passwordless authentication options, like FIDO access keys, are phishing resistant, meaning they eliminate the possibility of Attackers manipulate users into revealing their passwords or MFA factors, as was the case in the attacks of the Caesars and MGM just last month.
The sooner we eliminate passwords, the safer we will be.
Okta for good
I was very happy to see that Okta is investing in community development. This is particularly important given the current situation cybersecurity skills shortage. The Okta for Good program supports workforce development by providing 5,000 Okta certification grants to career transition professionals to develop their Okta skills. The program awards more than $1.6 million to cybersecurity and STEM workforce development organizations to support individuals early in their careers.
I also really appreciated that Okta decided to forgo handing out gifts to participants; who needs another backpack, T-shirt or socks? Instead, Okta donated the promotional budget to World Central Kitchen, chef Jose Andres’ charity dedicated to providing food and meals in the wake of natural disasters. Andres is an Okta customer and was the keynote speaker.
And after?
I’ve highlighted some of Okta’s key developments in AI and security. In addition to this, Okta is adding many other features that use AI to transform the role of identity in IT and cybersecurity, improving operational efficiency and reducing risk.
Some of the other new features include:
- Fine-grained authorization for Customer Identity Cloud that allows developers to quickly and easily incorporate both coarse-grained and search-grained authorization policies for any application.
- Verifiable credentials with mobile driver’s license that enable Customer Identity Cloud applications to perform online verification of mobile driver’s licenses with Customer Identity Cloud support.
- Governance Analyzer that uses Okta AI to analyze behavior in the environment to provide the best governance decisions for Workforce Identity Cloud.
- Fast Pass and Yubico solve the access key priming problem by allowing administrators to onboard new employees by sending employees YubiKeys with pre-recorded access keys.
Okta is now the largest independent identity provider. In my discussion with Okta executives and product developers, I learned that Okta understands how central identity is to both IT operations and cybersecurity. They continue to invest in AI to improve operational efficiency and cybersecurity and transform user experience.
Principal Analyst Jack Poller covers identity and data security in TechTarget’s enterprise strategy group. He has over 25 years of industry experience across a broad range of systems, storage, networking and cloud-based products and markets.
