LAS VEGAS – Okta kicked off its Oktane 2024 conference by announcing the formation of a working group designed to standardize identity management and authentication. Known as Interoperability Profile for Security Identity in the Enterprise (IPSIE), the effort will look to provide an open-source base for identity management in regards to software as a service (SaaS) platforms.
“Okta is focused on elevating the entire technology industry to be better protected from attacks,” said co-founder and CEO Todd McKinnon.
To help widen the reach of IPSIE, Okta has brought in the OpenID Foundation to help make the system open source and accessible to outside partners, and has enlisted Ping Identity, Microsoft, Capital One, SGNL, and Beyond Identity for the working group.
The ultimate aim of the group, says Okta, is to provide a secure and accessible standard for identity management for SaaS. That standard would allow enterprise SaaS vendors to easily integrate with identity management tools.
“Our goal with IPSIE is to standardize identity security and help foster an open ecosystem where building and using enterprise applications that are secure by default is easy for everyone,” McKinnon explained.
The current problem, says Okta, is that there are so many different ways that companies integrate security protocols like single sign on, continuous authentication, and SCIM. As a result, services are left unable to properly integrate with one another and as a result security liabilities and possible vulnerabilities can put customers at risk.
IPSIE would remedy this condition by giving services an easy way to integrate identity management and cross-authenticate users. This would, in turn, give companies an easier experience while also allowing for an assurance that users are being securely authenticated at one single point.
Okta hopes that the standard will not prove particularly difficult to integrate once it is finalized and introduced. The company said that it has already identified at least 50 different cloud and SaaS providers who have already implemented features and components that would support integration of IPSIE.
Those various components would include single sign-on, lifecycle management, entitlements, risk signal sharing, and session termination.
IPSIE is one of a number of announcements Okta is making at its annual Oktane conference in Las Vegas. SC Media is providing full multimedia coverage of the conference directly from the show floor here.
