Okta Launches a Unified Control Plane for Enterprise Identity and Access Management
Identity management service provider Okta has launched a united identity platform, a unified control plane for all the tasks involved in identity and access management (IAM) and in authorizing access to resources, including risk management, security and the policies needed for proper IAM.
“Over the last 12 years at Okta, we’ve seen a fundamental shift in the role identity plays for organizations,” said Todd McKinnon, Okta co-founder and CEO, in the kickoff keynote of the company’s annual user conference, Oktane21, being held virtually this week. “It has been heard loud and clear: You require a single solution for every user type and every use case. You need it to work for not just apps but also infrastructure, containers and databases. And you need to democratize and simplify how users gain resource access by empowering your business partners to determine requirements, rather than centralizing with IT.”
The platform aims to provide a centralized system for both privileged access management (PAM) and identity governance administration, centralizing management while at the same time lessening the burden on security operations through the use of self-service tools like Slack and automated workflows wherever possible.
The platform is forged from two new components, both of which will be fully available by early 2022.
Okta Privileged Management is aimed at protecting critical infrastructures, such as Kubernetes clusters and databases, by providing a centralized system for granting temporary credentials to IT admins to thwart rogue access.
The idea behind privilege management is to bring the organization closer to a zero-trust environment, necessary for the hybrid and multicloud environments that exponentially increase the complexity of managing access to all of these valuable resources. Traditional PAM tools do not have the flexibility to manage these cloud native environments, the company wagers.
This next-gen PAM system can be used to build fine-grained user and role-based security policies detailing who can access what at the infrastructure level. A system administrator can apply for temporary access, say to a database that needs a reboot, and the subsequent session is logged for further review.
The second component, Okta Identity Governance, provides a self-service portal for routine authorization duties, eliminating the need to manage user access through a centralized IT function.
Okta Identity Governance handles routine access management through automated approval workflows and self-service. Users are given a standard base of authorization that determines which apps they can access, while at the same time a system of least privilege is maintained to prevent an accumulation of unneeded access. Credentials can also be easily disabled for employees who depart the company. The system leverages the API-rich nature of today’s IT tools, such as Slack, to make the self-service capabilities as seamless as possible for end-users.
For Okta, last year’s SolarWinds breach was actually good news, at least insofar as it alerted organizations to the expensive dangers of faulty identity management, even as they are increasing the rate of software development through automated processes such as DevOps. From March 2020 to March 2021, Okta saw over 52 billion unique app logins on its platform, a twofold increase from the same time a year earlier.