Oktane16: Product Announcements Skip to main content
https://support.okta.com/help/blogdetail?id=a67f0000000twjpiao&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fblogdetail
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.

Oktane16: Product Announcements

Sep 01, 2016 | by Mike Paiko

By every measure Oktane16 was our biggest yet.  With so much going on, we thought it would be helpful to recap the key themes and take a closer look at the products and capabilities that were shown.  Please remember that any dates mentioned are subject to change, so please check with your Okta representative for the latest on timing.
 

Contextual Access Management

It’s a challenge to provide seamless, secure access in today’s multi-vendor world where employees, customers and partners are accessing both on-premises and cloud services globally, 24x7, from any device. Combined with an increasing number of data breaches and cyber attacks — security is becoming infinitely more complex.

To tackle this problem, we’ve made a coordinated investment across our Single Sign-On (SSO), Adaptive MFA, and Mobility Management products resulting in the industry's most integrated, user-focused and vendor-neutral approach to contextual access management – all delivered as a 100% cloud-native service.  We are the only vendor able to support contextual access management for devices running operating systems from Apple, Google and Microsoft, with support for over 5,000+ applications in our Okta Application Network.

With SSO, Adaptive MFA and Mobility Management you can now enforce contextual access management decisions based on conditions such as user identity, device, location, IP reputation and time of day, while still delivering secure digital experiences that people love. And, you can establish fine-grain, flexible policies based on geolocation and different user populations.  This is an area where you will continue to see us innovate over the quarters and years to come.  

Product specific updates include:

  • Okta Single Sign-On: We’ve added security notifications for end-users to alert them when untrusted devices, anomalous behavior, or logins from high risk IPs are detected. Okta SSO now supports device trust established by Okta Mobility Management or any third-party Certificate Authority. In addition, your IT team can leverage the powerful policy framework to make access decisions with protocol-level context, for example blocking email from the web, while still allowing access from the desktop or mobile app. 
    Availability: Beta now

  • Okta Adaptive MFA: We’ve expanded the power of the policy framework to incorporate additional risk context on which access management decisions can be made—including trusted devices, IP reputation, and geolocation context. We’ve also added email as second factor, and Okta Verify expands support for multiple third-party tokens, and integrates with Windows Hello.
    Availability: Beta now

  • Okta Mobility Management: Okta Mobility Management adds Certificate Authority capability and the ability to distribute certificates to devices to establish device trust. Initial support will include Mac OS X devices, with support for iOS, Android, and Windows 10 later this year.
    Availability: Mac OS X Beta now
     

API Access Management

Most companies are faced with a common challenge. They have made massive investments in a portfolio of apps to run their businesses and they can’t simply throw these out and start over. They need to leverage their systems of record securely, quickly and efficiently. They have to seize the new possibilities that emerge when their core data systems are composed alongside public APIs. What remains is to ensure that access to these services is secure, so that every person gets the right content, data or functionality at the right time.

To address this challenge we are introducing a new product, Okta API Access Management. Our new product helps developers and IT leaders build, maintain and scale seamless, personal and secure experiences across on-prem and cloud services. Unlike legacy point solutions, access is managed based on the user, and fully integrated with Okta’s Identity Cloud. This approach makes it easy to do what has never before been possible: centrally maintain one identity and one set of permissions for any employee, customer or partner across every point of access, app, API or device.

Okta API Access Management includes:

  • OAuth 2.0 API authorization: Okta API Access Management has standard-compliant OAuth 2.0 support for any app or service.

  • Flexible identity-driven policy engine: Designed for every type of user and service, Okta API Access Management leverages Okta’s rich core policy engine so administrators can define access policies based on user profile, group membership, network zone, device, client, user or administrator consent. Access is granted and revoked in real-time as administrators change user permissions.

  • Centralized administration across APIs: The user-friendly console in Okta API Access Management allows for consistent creation, maintenance and audit of API access policies based on native identity objects without custom code.

  • Partnership with leading API management vendors: Okta API Access Management has proven compatibility with API management solutions from Apigee and MuleSoft to create a complete digital transformation solution.

Availability: Beta Now

Read the press release

 

Lifecycle Management

Many IT organizations are facing an explosion of users, both internal and external, increasingly more complex business processes, and a multitude of devices used to access corporate resources, all with different lifecycles. To meet these challenges, we’ve made a number of enhancements to Okta Provisioning for managing the complete business process lifecycle for both internal and external users with improved audit reporting capabilities. We believe Okta Provisioning has reached a tipping point where it’s going well beyond its original mission to provision applications for employees and now is the perfect time to change its name to Okta Lifecycle Management. We believe the Okta Lifecycle Management name cohesively brings together its current capabilities with the investments we are making going forward.

Okta Lifecycle Management updates include:

  • User Lifecycle policy: Create contractor accounts with a limited time to live (ie. 30 days). This adds more control over accounts with no defined lifecycle.
    Availability: Beta November

  • Mobile friendly responsive web UI: Reduce the friction for approvers by allowing them to approve requests via mobile interface.
    Availability: Beta Now

  • Application Request Workflow Enhancements:  An approver Inbox makes it easier for approvers to track outstanding requests, allow admins/approvers to leave a note and route requests to groups of approvers.
    Availability: EA Now

  • Manual Provisioning Support: If an account needs to be manually provisioned Okta can help automate that process by creating an email-driven ticket to Zendesk, SNOW, etc.

  • Access discovery enhancements: Provides auditors proof that users have been correctly de-provisioned in a timely manner.

  • APIs to expose application audit data to 3rd party reporting tools and Governance, risk management, and compliance systems (GRC).


Okta Application Network
We’ll finish up with the enhancements we’ve made to the Okta Application Network (OAN). Access management is only as good as the ecosystem you can connect to and Okta has built the richest network of vendor neutral integrations.  OAN now has over 5K apps in its catalog and we have invested in making our integrations more secure via SAML-based SSO across devices, including SSO to native mobile apps, and more powerful with provisioning capabilities across the user lifecycle. Now we are are extending the OAN to go beyond applications.

Okta Application Network updates include:

  • Deeper integrations: Including more Apps as a Master (ie. SuccessFactors, NetSuite, CSVaaM, etc) and off boarding flows for Google Apps, Dropbox and Office 365.

  • RADIUS as an App: We’ve taken the formula that we’ve used to scale the OAN to 5000+ apps and extended it to infrastructure like Radius. This creates a great admin experience that unlocks the possibility of an integrated approach to MFA for on-premises and cloud apps.
    Availability:  Beta now

  • Amazon Web Services and Amazon WorkSpaces integration: Okta's integration with AWS allows administrators to streamline the security management of their AWS accounts. It also provides end-users with a compact and user-friendly view of their AWS applications on their Okta dashboards. Additionally, Okta now offers an add-on tool that allows AWS administrators to use the AWS Command Line Interface (CLI) with their Okta accounts, thereby providing an end-to-end security solution to all AWS users. And our OAN integration for Amazon Workspaces enables user-friendly MFA and flexible security policies via Okta. To learn more, visit the blog post.

For more information about Oktane16 and these announcements, please reach out to your Okta representative. 

 

Comments