Okta announced today that it is expanding its platform into a new area. Up to this point, the company is known for its identity access management product, allowing companies the ability to sign on multiple cloud products with a single sign. Today, the company is moving into two new areas: privileged and identity governance
Privileged companies give companies the ability to provide access to key administrative services within a company to a limited number of people on an as-needed basis. This can be your database or your server or any part of your technology that is highly sensitive and where you want to tightly control who can access these systems.
Okta CEO Todd McKinnon says Okta has always been good at shutting down access to the general user population of cloud services like Salesforce, Office 365 and Gmail. These cloud services are commonly used. Are you accessing them through the web interface?
Administrators access attribute accounts using different protocols. “It’s something like Secure Shell, or you’re using a terminal on your computer to connect to the server in the cloud, or it’s a database connection where you’re actually logging in with a SQL connection, Or are you connecting to a container, which is actually the Kubernetes protocol for managing containers, ”McKinnon explained.
Privileged access provides some important features, including limiting access to a fixed time window and the ability to record a video of a session to have an audit trail of what actually happened while using the system. Mackinnon says that these features provide additional layers of security for these sensitive accounts.
He says that shaping these accounts would be quite trivial as Okta has already divided users into groups and these special privileges can only be granted to those in the administrative access group. The challenge was to find out how to access these other types of protocols.
The piece of governance provides teams of security operations a way to run detailed reports and look for issues related to identification. He said, “Governance provides exception reporting so you can give it to your auditors, and more importantly, you can give it to your security team to make sure you know what’s going on and Why is this deviation from your stated policy. “
All of this occurs when the company, which was authentically combined with the $ 6.5 billion acquisition last month, calls McKinnon an identity cloud. He sees a market with many strategic clouds and believes that identity is one of them.
“Because identity is very strategic for everything, it’s opening up access to your customer, it’s unlocking the reach of your employee, it’s protecting everything. And so this expansion, whether it’s zero trust. Whether it is identifying the customer with or is doing more on identifying the workforce with not only access, but privileged and identity governance. It is about the identity being developed in this primary cloud, ”he said.
While both of these new products were announced today at the company’s Virtual Octane Customer Conference, they will not typically be available until the first quarter of next year.