Okta Expands PAM and Identity Governance Reporting

Okta Expands Platform Capabilities

Okta has recently unveiled plans to broaden its platform's scope, venturing into new domains. Previously recognized for its robust identity access management solution, enabling single sign-on access to numerous cloud applications, the company is now extending its offerings to encompass privileged access and identity governance.

Privileged Access Management

The introduction of privileged access allows organizations to grant temporary, need-based access to critical administrative services. This includes sensitive areas like databases, servers, and other vital components of a company’s technological infrastructure, ensuring stringent control over system access.

Todd McKinnon, CEO of Okta, highlights the company’s established strength in securing general user access to cloud services such as Salesforce, Office 365, and Gmail. These services share a common characteristic: access is typically gained through a web-based interface.

Addressing Diverse Access Protocols

However, administrators often utilize different protocols to access specialized accounts. McKinnon explains, “These protocols include secure shell, terminal connections to cloud servers, database connections via SQL, and access to containers using the Kubernetes protocol.”

Privileged access incorporates key features like time-limited access and session recording. This video recording provides a comprehensive audit trail, documenting all actions taken during system access, thereby enhancing security measures for these sensitive accounts.

Streamlined Account Management

Okta’s existing user grouping system will facilitate the straightforward allocation of these specialized privileges to designated administrative personnel. The primary challenge lay in establishing access to the diverse range of protocols involved.

Identity Governance for Enhanced Security

The identity governance component empowers security teams to generate detailed reports and identify potential identity-related issues. It provides exception reporting for auditors and security personnel, enabling them to understand deviations from established policies.

This functionality allows for proactive identification and resolution of security vulnerabilities, strengthening overall security posture.

The Vision of an Identity Cloud

Combined with the recent $6.5 billion acquisition of Auth0, these developments are integral to Okta’s broader strategy of becoming a comprehensive identity cloud. McKinnon envisions a market dominated by several key strategic clouds, with identity being a central pillar.

He emphasizes the strategic importance of identity, stating, “Identity unlocks access for both customers and employees, and is fundamental to maintaining security.” This expansion, encompassing customer identity with zero trust, workforce identity with privileged access, and identity governance, signifies the evolution of identity as a primary cloud service.

Availability Timeline

Although announced at the company’s virtual Oktane customer conference, these new products will not be generally available until the first quarter of the following year.

These additions represent a significant step in Okta’s journey to provide a complete and secure identity management solution.