Story image

Okta brings centralised identity security to servers

03 Apr 2019

Identity services provider Okta has announced Okta Advanced Server Access, a new product to bring continuous, contextual access management to secure cloud infrastructure, available today.

For the first time through the Okta Identity Cloud, enterprises will be able to continuously manage and secure access to on-premises Windows and Linux servers and across leading Infrastructure-as-a-Service vendors including Amazon Web Services, Google Cloud Platform, and Microsoft Azure.

Using Okta Advanced Server Access, companies like Personal Capital and are centralising access controls in a seamless manner that better mitigates the risk of credential theft, reuse, sprawl, and abandoned administrative accounts.

Organisations are grappling with how to secure a diverse and broad set of applications and infrastructure across a disparate, extended enterprise.

Increasingly, organisations of all sizes are recognizing the need for a Zero Trust framework that limits excessive user permissions and access while requiring continuous authorisation.

However, the credentials traditionally used to access servers — Secure Shell (SSH) keys and Remote Desktop Protocol (RDP) passwords — are static, creating significant vulnerabilities across a company’s network.

Enterprises are struggling to keep track of who has the keys to access servers running mission-critical workloads and storing valuable data and are woefully limited when it comes to provisioning and deprovisioning powerful administrative accounts.

With many organisations relying on multi-cloud infrastructure, technology leaders are left with limited visibility and agility when it comes to their critical, high risk infrastructure, and no central way to control and continuously secure their hybrid environments.

“Today’s enterprises rely on cloud platforms and hybrid environments to build the products their customers rely on and engage with daily,” says Okta chief executive officer and co-founder of Todd McKinnon.

“It’s the right approach for agile innovation, but server access has traditionally relied on shared credentials that may never change, and that creates significant vulnerabilities for any large or growing organisation.

“Without a clear tie back to user identity, technology leaders lose visibility, agility, and ultimately security. Okta Advanced Server Access brings centralised identity security to organisations leveraging on-premises, hybrid, and cloud infrastructure to increase security, visibility, and control and create a better experience for the teams building products.”

Taking centralised identity and access deeper

Designed with a revolutionary Zero Trust architecture from the ground up, the Okta Identity Cloud is capable of making smart access decisions based on dynamic user attributes and device conditions, where every login is independently authenticated and authorised.

Okta Advanced Server Access gives organisations the ability to make granular access decisions about an individual login request continuously.

Access controls are backed by a one-time, short-lived credential mechanism that eliminates the common pain of tracking and protecting static keys.

Whether an organisation is securing its on-premises infrastructure, cloud infrastructure or hybrid environments, Okta Advanced Server Access serves as a critical solution to a growing enterprise security problem — all while centralising granular access control, lifecycle management, and administration through the Okta Identity Cloud.

Okta Advanced Server Access enables enterprises to:

  • Centralise access controls to servers: Using Okta Advanced Server Access, customers can automate the end-to-end lifecycle of local server user and group accounts under a single directory. It delivers seamless SSO and MFA authentication to SSH and RDP workflows, inline to the protocols, while introducing contextual access controls based on dynamic user and device posture.
     
  • Remove barriers to automation: With Okta Advanced Server Access, it is easy to automate server enrollment into the configuration management of choice, including Chef, Puppet, Ansible, and Terraform. Customers can support multi-cloud environments with a unified control plane that abstracts each provider’s IAM functions, and makes every actionable event an API, allowing for custom workflows.
     
  • Deliver a seamless end-user experience: Okta Advanced Server Access works in line with the SSH and RDP protocols, integrated natively with CLI and GUI tools. As a SaaS-delivered product, Okta Advanced Server Access abstracts the complexities of credential management, account management, and more. Automation makes it easy to configure dynamic environments, eliminating redundant tasks without compromising security
Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.
McAfee announces Google Cloud Platform support
McAfee MVISION Cloud now integrates with GCP Cloud SCC to help security professionals gain visibility and control over their cloud resources.
Scammers targeting more countries in sextortion scam - ESET
The attacker in the email claims they have hacked the intended victim's device, and have recorded the person while watching pornographic content.
Cryptojacking and failure to patch still major threats - Ixia
Compromised enterprise networks from unpatched vulnerabilities and bad security hygiene continued to be fertile ground for hackers in 2018.
Princeton study wants to know if you have a smart home - or a spy home
The IoT research team at Princeton University wants to know how your IoT devices send and receive data not only to each other, but also to any other third parties that may be involved.
Organisations not testing incident response plans – IBM Security
Failure to test can leave organisations less prepared to effectively manage the complex processes and coordination that must take place in the wake of an attack.
65% of manufacturers run outdated operating systems – Trend Micro
The report highlights the unique triple threat facing manufacturing, including the risks associated with IT, OT and IP.
WikiLeaks' Julian Assange arrested in London
There’s little doubt that it’s a day of reckoning for WikiLeaks cofounder Julian Assange today, after his seven-year long protection inside London’s Ecquador Embassy came to an abrupt end.