Security Market Segment LS
Thursday, 02 April 2020 00:01

Okta launches passwordless logins, new platform services


Identity provider Okta claims that its new Okta FastPass is the first truly passwordless login experience across devices, applications, and operating systems including iOS, macOS, Android, and Windows. The company has also announced a number of platform services – some of which are used by FastPass – that accessible to customers and third-party developers.

The basic idea with FastPass is that people use the native biometric features of their device, such as Windows Hello or Apple's Touch ID to authenticate themselves, and then FastPass provides federated access to applications without having to enter passwords.

Forgotten passwords mean employees cannot immediately access information or systems needed to do their jobs, so there's a tendency to use (and reuse) easily remembered passwords.

The reuse of passwords presents security risks - many millions of passwords and the email addresses they are associated with are in circulation (see, eg, Have I Been Pwned).

"IT teams are tasked with operating vast technology ecosystems made up of a diverse set of applications, operating systems, and devices, all focused on providing choice and flexibility to their workforces," said Okta chief product officer Diya Jolly.

"Going passwordless not only makes employees happy, but it can make them more secure by relying on stronger factors like biometrics. Okta FastPass eliminates the need for a password regardless of an employee's device choice, and highlights how Okta's independent identity platform can deliver a truly differentiated experience for our customers."

Another benefit is that FastPass helps organisations simplify and modernise their infrastructure, for example by eliminating the need for on-premises LDAP or other directory services, Okta vice president of product marketing Joe Diamond told iTWire.

Okta FastPass relies on the Okta Verify application, which can be provisioned by IT or downloaded and installed by end users. Once users register their Okta account via Verify app, a persistent session is established with Okta.

Okta-managed applications accessed via a browser, desktop application, or a native mobile application, are then available without having to enter a password, providing the device is protected by biometrics.

Behind the scenes, FastPass uses SAML to communicate with other systems.

Administrators have the option of creating fine-grained policies that combine Okta Device Trust, Endpoint Security Integrations, and other adaptive policies with Okta FastPass to deliver secure, passwordless experiences for only managed, compliant devices.

For example, it would be possible to use FastPass in conjunction with other systems to allow the user of an unmanaged device to log into Salesforce, but then only allow access to less sensitive functions, Diamond told iTWire.

"NTT Data has over 120,000 people around the world in more than 50 countries," said NTT Data CISO Steve Williams.

"With our size and the needs of the clients we serve, it's inevitable we have more people in the field than sitting in the office, making Zero Trust critical for us. Okta is an integral part of the identity-centric view of life that we've taken with our security paradigm.

"Okta FastPass is a great example of how we can empower NTT Data employees with an intuitive password-less experience, while still maintaining invisible device policies and security. When anyone is given a choice between something that's convenient and something that's secure, they're going to choose convenient."

Okta FastPass goes into beta this week. It will be available in early access in 4Q20 and will be purchasable as part of Single Sign-on in Okta Workforce Identity products, and in the One App and Enterprise editions of Okta Customer Identity.

Okta FastPass is powered by a number of the new Okta Platform Services, including Okta Devices (collects device identity and context), Okta Directories, and Okta Identity Engine (customised authentication, authorisation and registration).

Other Okta Platform Services include Okta Workflows (no-code processes), Okta Integrations and Okta Insights (aggregates, analyses and disseminates Okta data, including security-related functionality).

Okta Platform Services are accessible through products, APIs, SDKs and integrations.

"In an increasingly digital world, identity has become the unifying means by which organisations use technology, whether for their own workforces or to engage with their customers," said Jolly.

"Identity is also an evolving challenge that requires a modern platform-approach that encourages standardised and open development. To truly enable any organisation to use any technology, we have made the Okta Identity Cloud even more flexible and customisable to meet virtually every use case imaginable.

"Platform Services like Workflows and Devices provide our customers and partners incredibly broad-ranging functionality across workforce and customer identity solutions."

"Wyndham Hotels and Resorts' mission is to make hotel travel possible for all, and identity plays a pivotal role in how we deliver on that mission," said Wyndham Hotels and Resorts group vice president and CISO Eric Brohm.

"Our ability to meet a variety of identity use cases with Okta keeps our workforce productive from anywhere and creates seamless experiences for the many types of customers we serve, no matter where they are located."

Features powered by Okta Directories, Okta Integrations, Okta Insights, and Okta Workflows are available immediately. Those powered by Okta Identity Engine and Okta Devices will be available in early access in 4Q20.

WEBINAR event: IT Alerting Best Practices 27 MAY 2PM AEST

LogicMonitor, the cloud-based IT infrastructure monitoring and intelligence platform, is hosting an online event at 2PM on May 27th aimed at educating IT administrators, managers and leaders about IT and network alerts.

This free webinar will share best practices for setting network alerts, negating alert fatigue, optimising an alerting strategy and proactive monitoring.

The event will start at 2pm AEST. Topics will include:

- Setting alert routing and thresholds

- Avoiding alert and email overload

- Learning from missed alerts

- Managing downtime effectively

The webinar will run for approximately one hour. Recordings will be made available to anyone who registers but cannot make the live event.



Security requirements such as confidentiality, integrity and authentication have become mandatory in most industries.

Data encryption methods previously used only by military and intelligence services have become common practice in all data transfer networks across all platforms, in all industries where information is sensitive and vital (financial and government institutions, critical infrastructure, data centres, and service providers).

Get the full details on Layer-1 encryption solutions straight from PacketLight’s optical networks experts.

This white paper titled, “When 1% of the Light Equals 100% of the Information” is a must read for anyone within the fiber optics, cybersecurity or related industry sectors.

To access click Download here.


Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.



Recent Comments