The statistics are daunting. More than 80% of cyberattacks and more than 50% of data breaches involve compromised forms of credentials, including stolen passwords, account takeovers, phishing or misused APO keys.
Meanwhile, large organizations are suffering from a surfeit of products. A recent survey of Okta customers found that the average company used 93 different applications, a 4% increase over the previous year. The average North American organization used 103 applications.
And financial firms continue to be among the most heavily targeted, with the financial sector suffering the second-highest number of attacks in the 2024 Verizon Data Breach Investigations Report.
The effects of identity-security shortfalls are inescapable. Compromised credentials led to a major U.S. gaming and entertainment firm losing $100 million in recovery costs and lost business in 2023, while its biggest competitor paid $15 million to the same attackers to avoid the same fate.
A widely used cloud data-storage company's decision to allow accounts without MFA led to devastating compromises in 2024, including the theft of data pertaining to 100 million cellphone customers. Mere password spraying on a forgotten test account led to the world's leading software company having its internal email systems compromised and its source code stolen earlier this year.
Help is on the way
It's clear that many attackers are simply logging into systems instead of breaking in. To help stem this tide of identity-related breaches and attacks, Okta recently introduced several new upgrades to its Workforce Identity Cloud and Customer Identity Cloud service offerings.
First up is Identity Security Posture Management, which takes a holistic view of the client's entire identity-security deployment and searches for vulnerabilities, policy-enforcement gaps and other potential weaknesses. It provides visibility not only into other Okta products and services, but also Microsoft Azure AD and Office 365, Amazon Web Services, GitHub and Salesforce.
The dashboard for Identity Security Posture Management can quickly tell you, for example, how many of your employees have MFA turned on and what kind of MFA they're using, or how many unused but activated administrative accounts exist in your system.
Credit: Okta
Drilling down brings you visual representations of each user's access privileges, including which applications they can access (including those for which they have admin rights) and to which user groups they belong.
Risk analyses can be mapped to widely used security and compliance frameworks such as ISO 27001, Sarbanes-Oxley and the NIST Cybersecurity Framework. Identity Security Posture Management provides suggested remediations for the identity-security gaps it finds and verifies the remediations after implementation.
"Identity is becoming increasingly complex, with security teams lacking deep visibility and risk analysis in their different cloud and SaaS environments," says Arnab Bose, Chief Product Officer at Okta Workforce Identity Cloud. "With Okta's Identity Security Posture Management, companies now have an in-depth view of their identity security risk, working as the first line of defense so security teams can discover gaps and take immediate action to reduce their attack surface."
Identity Security Posture Management is available to users of Okta Workforce Identity Cloud in North America.
Another significant innovation is Highly Regulated Identity, now available for North American financial-services organizations that use Okta's Customer Identity Cloud. It uses the open Strong Customer Authentication and Financial Grade API standards to quickly and easily verify customers performing highly sensitive actions, such as moving money and updating account details.
Credit: Okta
"Across all industries, but especially highly regulated ones like financial services, it's difficult to deliver fast, intuitive, and secure digital experiences that drive customer loyalty," says Shiven Ramji, President of Customer Identity Cloud at Okta. "With Highly Regulated Identity, companies can satisfy consumers' need for instant gratification without sacrificing security."
AI, workflows and forms
Available for Workforce Identity Cloud customers around the world in the Early Access program, Identity Threat Protection with Okta AI integrates with nearly a dozen third-party security tools, including those from Cloudflare, CrowdStrike, Jamf, Material Security, Netskope, Palo Alto Networks, Rubrik, SGNL, Zimperium, and Zscaler. It detects, responds to and orchestrates remediation for identity-based threats, using Okta's own AI to spot and fix problems that might evade human examination.
Credit: Okta
Meanwhile, Workforce Identity Cloud clients who are part of the U.S. federal government's FedRAMP High security-compliance program now can use an audit-ready version of Okta Workflows, which provides low-code and no-code tools for building out and managing functions and upholding compliance standards.
And for Customer Identity Cloud clients around the world who are in the Early Access program, Forms for Actions provides a no-code visual editor that lets you easily build login and signup online forms.
