Okta has tightened integration between its identity access management platform and a variety of endpoint security tools, at a time when cybersecurity concerns are at a peak.
Joe Diamond, vice president of product marketing for Okta, said tighter integration with endpoint security offerings from VMware Carbon Black, CrowdStrike and Tanium will enable organizations to provide higher levels of security now that most employees are working from home to help combat the spread the COVID-19 pandemic.
Cybercriminals have launched a massive wave of phishing attacks aimed largely at end users working from home. Endpoint security tools provide a means of thwarting the malware deposited on endpoints, while the Okta Identity Cloud platform serves to prevent cybercriminals from employing compromised credentials to access corporate IT environments.
Integrations with cybersecurity platforms are made possible by Okta’s Verify application, which runs on the endpoint, and the Okta Devices Platform Service, which collects data from those endpoints. The Okta Identity Cloud is then able to create a risk profile of an individual login attempt using that data to determine access levels based on the device being employed, in addition to determining whether the operating system is up-to-date, the firewall has been disabled or the device is jailbroken, contains any malware or is managed by IT. If any of those issues are detected Okta can then deny access or prompt for an additional authentication factor.
While Okta has always made available application programming interfaces (APIs), the company is now providing deeper levels of integration with various third-party cybersecurity offerings, said Diamond.
With more employees working from home, he added it’s now more apparent than ever there is no traditional perimeter to defend. IT organizations are now coping with a mix of managed and unmanaged endpoints that are accessing applications across a wide variety of networks. The only way to really defend IT environments is to more aggressively track user behavior as part of an effort to identify anomalies indicative of a potential breach, said Diamond.
It’s too early to say to what degree endpoint security and identity management will converge in the wake of the COVID-19 pandemic. Most organizations have some form of endpoint security deployed. However, the adoption of identity management platforms has been uneven. However, with more end users remotely accessing applications, many organizations may conclude that identity management platforms are now an absolute requirement.
Whatever the outcome, Diamond said it’s clear organizations will need to rely more on endpoint security versus, for example, a security information event management (SIEM) platform that might be able to identify a potential breach only long after the damage has been done.
Of course, it may take a while for organizations to come to terms with a “new normal” that will see more employees working from home even once the pandemic subsides. Unfortunately, cybercriminals have already made it clear they’ve already seen the potential to exploit that new normal in ways many organizations are not yet fully prepared to combat.