sb-eu logo
Story image

Okta launches risk-based authentication with machine learning

03 Apr 2019

Identity services provider Okta has today at Oktane19 announced new risk-based authentication that leverages machine learning to deliver greater security, ease of use, and automated detection and response to identity-based attacks.

Risk-based authentication delivers panoramic insights into an enterprise’s employees, partners, and customers while also providing a means for transparent security controls.

Through risk-based authentication, enterprises can automate security by implementing significantly stronger authentication techniques and remediation when the scenario calls for it, while simultaneously enabling a seamless login experience for users within their normal behaviours using Okta Adaptive Single Sign-On and Okta Adaptive Multi-factor Authentication.

“Technologies are often built with security as a barrier to usability or as an afterthought, but organisations shouldn’t have to choose between providing workforces and customers with the best experience and ensuring their information is secure,” says Okta chief executive officer and co-founder Todd McKinnon.

“Okta built risk-based authentication to turn security into a user experience benefit, while maintaining deterrence when necessary. The combination of individualised machine learning context with data-rich insights from Okta’s vast ecosystem of customers, integrations, and authentications creates powerful network effects which enable transparent, yet actionable security.”

Leveraging machine learning to build a robust behavioural profile

Using machine learning, Okta can enforce robust authentication context at the user level, recognising that no two users are alike in terms of the applications they access, the devices they use or the locations from which they access corporate resources.

Rather, individualised profiles are built and the machine learning model is tuned over time, supplying a deep understanding of how users are engaging with and accessing the technology they need to be effective.

Contextual variables such as the device, location, IP address, and even typing biometrics can inform authentication and authorisation decisions.

Individualised machine learning is used to turn a multitude of unique data inputs into a contextual behaviour profile for each user.

Combined with network effect-driven intelligence from ThreatInsight — risk signals seen across Okta’s global dataset, such as high-risk IP addresses — Okta will be able to create quantifiable and actionable risk assessments for each authentication attempt.

Beyond simply gathering insights, Okta’s risk-based authentication also facilitates user-specific account remediations, where a user verifies the compromise and triggers a remediation workflow. 

Empowering customers to automate security

Okta customers will benefit from risk-based authentication’s insights, automation, and remediation.

By leveraging this new functionality with machine learning capabilities, organisations can now automate security practices and implement streamlined authentication techniques.

“Maintaining brand trust at Blackhawk Network is core to our business continuing to succeed, and that has everything to do with creating efficient and secure ways for our partner brands to engage with Blackhawk through partner portals,” says Blackhawk Network chief information security officer Vijay Bolina.

“We’ve entrusted Okta to build that experience for us, and the introduction of risk-based authentication offers to advance that fundamental authentication process even more, providing better user experiences and security for our employees and our partners who rely on Blackhawk.”

Okta risk-based authentication is currently available in beta and Okta expects it to be widely available soon as part of Okta Adaptive Single Sign-On and Okta Adaptive Multi-factor Authentication.

Story image
Exabeam and Code42 partner up to launch insider threat solution
The solution will give customers a fuller picture of their environment, and will leverage automated incident response to obstruct insider threat before data loss occurs.More
Story image
Kaspersky finds red tape biggest barrier against cybersecurity initiatives
The most common obstacles that inhibit or delay the implementation of industrial cybersecurity projects include the inability to stop production (34%), and bureaucratic steps, such as a lengthy approval process (31%) and having too many decision-makers (23%). More
Story image
Proofpoint enhances security awareness training platform
Available in Q4 2020, the platform will integrate more closely with Proofpoint’s best-in-class threat intelligence.More
Story image
Ripple20 threat could affect 35% of all IT environments – ExtraHop
The vulnerabilities have the potential to ‘ripple’ through complex software supply chains, enabling attackers to steal data or execute code.More
Story image
Misinformation on the rise, organisations consider how best to respond
The increase in misinformation and fake domains have left organisations perceiving the threat level to be ‘very significant’, with a third planning greater emphasis on their ability to respond in coming months.More
Story image
High-tech heist: why fending off ransomware attacks is more challenging than ever in 2020
The COVID-19 crisis has unleashed a wave of sophisticated and disruptive ransomware attacks, and the onus is on businesses to ramp up their security measures if they’re to avoid falling victim, writes Attivo Networks regional director for A/NZ Jim Cook.More