Identity, Governance, Risk and Compliance, Oktane

Okta pitches WIC to fill SaaS security holes

Share
An Okta sign is seen on its headquarters in San Francisco.

Okta is pitching new features to address what it sees as critical security holes in the way SaaS and cloud vendors interact.

The new Workforce Identity Cloud (WIC) features will target areas such as multi-factor authentication, deepfake incidents, phishing, and credential theft.

Speaking at the Oktane conference in Las Vegas, WIC Chief Product Officer Arnaub Bose told attendees that the new offerings were crafted to better handle emerging threats such as deepfakes and device attacks.

“As Identity becomes essential to everything we do, it has become a target to threat actors,” Bose said.

Find all of our coverage from Oktane 2024 here.

Among the new features is the introduction of secure SaaS service accounts. Operating within Okta privileged accounts, the accounts will allow companies to monitor and managed things like shared administrator accounts.

The aim of the new feature is to better enable companies to keep an eye on shared accounts that may not be monitored closely or forgotten by administrators more concerned with managing other apps and services.

Kristen Swanson, Okta VP of Design and Research, said that the rollout of the new feature was inspired by direct feedback the company has been receiving from users.

“The complexity of managing todays tech ecosystem is absolutely overwhelming. The average company uses more than 1,000 apps,” said Swanson. "We hear from customers that these privileged accounts can fall outside the boundaries of traditional identity protection tools.”

Also of emphasis in the update was device management. In an aim to help companies protect themselves from end user PCs and mobile devices, Okta is pitching a host of new tools around both governance and threat detection.

This, says Okta, allows for companies to do things like enforce security requirements on devices and immediately detect and lock out devices that could pose a threat due to a malware infection.

Other new features include out of the box integration for service which will not require customer configuration and improvements to the enhanced disaster recovery service that will help companies further minimize downtime from outages and attacks.

The announcements were part of a larger rollout of news from Okta at its Oktane customer event. Readers can find full coverage of the event from the SC Media team here.

An In-Depth Guide to Identity

Get essential knowledge and practical strategies to fortify your identity security.

You can skip this ad in 5 seconds