Story image

Okta brings centralised identity security to servers

03 Apr 2019

Identity services provider Okta has announced Okta Advanced Server Access, a new product to bring continuous, contextual access management to secure cloud infrastructure, available today.

For the first time through the Okta Identity Cloud, enterprises will be able to continuously manage and secure access to on-premises Windows and Linux servers and across leading Infrastructure-as-a-Service vendors including Amazon Web Services, Google Cloud Platform, and Microsoft Azure.

Using Okta Advanced Server Access, companies like Personal Capital and are centralising access controls in a seamless manner that better mitigates the risk of credential theft, reuse, sprawl, and abandoned administrative accounts.

Organisations are grappling with how to secure a diverse and broad set of applications and infrastructure across a disparate, extended enterprise.

Increasingly, organisations of all sizes are recognizing the need for a Zero Trust framework that limits excessive user permissions and access while requiring continuous authorisation.

However, the credentials traditionally used to access servers — Secure Shell (SSH) keys and Remote Desktop Protocol (RDP) passwords — are static, creating significant vulnerabilities across a company’s network.

Enterprises are struggling to keep track of who has the keys to access servers running mission-critical workloads and storing valuable data and are woefully limited when it comes to provisioning and deprovisioning powerful administrative accounts.

With many organisations relying on multi-cloud infrastructure, technology leaders are left with limited visibility and agility when it comes to their critical, high risk infrastructure, and no central way to control and continuously secure their hybrid environments.

“Today’s enterprises rely on cloud platforms and hybrid environments to build the products their customers rely on and engage with daily,” says Okta chief executive officer and co-founder of Todd McKinnon.

“It’s the right approach for agile innovation, but server access has traditionally relied on shared credentials that may never change, and that creates significant vulnerabilities for any large or growing organisation.

“Without a clear tie back to user identity, technology leaders lose visibility, agility, and ultimately security. Okta Advanced Server Access brings centralised identity security to organisations leveraging on-premises, hybrid, and cloud infrastructure to increase security, visibility, and control and create a better experience for the teams building products.”

Taking centralised identity and access deeper

Designed with a revolutionary Zero Trust architecture from the ground up, the Okta Identity Cloud is capable of making smart access decisions based on dynamic user attributes and device conditions, where every login is independently authenticated and authorised.

Okta Advanced Server Access gives organisations the ability to make granular access decisions about an individual login request continuously.

Access controls are backed by a one-time, short-lived credential mechanism that eliminates the common pain of tracking and protecting static keys.

Whether an organisation is securing its on-premises infrastructure, cloud infrastructure or hybrid environments, Okta Advanced Server Access serves as a critical solution to a growing enterprise security problem — all while centralising granular access control, lifecycle management, and administration through the Okta Identity Cloud.

Okta Advanced Server Access enables enterprises to:

  • Centralise access controls to servers: Using Okta Advanced Server Access, customers can automate the end-to-end lifecycle of local server user and group accounts under a single directory. It delivers seamless SSO and MFA authentication to SSH and RDP workflows, inline to the protocols, while introducing contextual access controls based on dynamic user and device posture.
     
  • Remove barriers to automation: With Okta Advanced Server Access, it is easy to automate server enrollment into the configuration management of choice, including Chef, Puppet, Ansible, and Terraform. Customers can support multi-cloud environments with a unified control plane that abstracts each provider’s IAM functions, and makes every actionable event an API, allowing for custom workflows.
     
  • Deliver a seamless end-user experience: Okta Advanced Server Access works in line with the SSH and RDP protocols, integrated natively with CLI and GUI tools. As a SaaS-delivered product, Okta Advanced Server Access abstracts the complexities of credential management, account management, and more. Automation makes it easy to configure dynamic environments, eliminating redundant tasks without compromising security
Tech Data to distribute Nutanix backup solution in A/NZ
Tech Data will distribute HYCU Data Protection for Nutanix backup and recovery software to their network of partners across Australia and New Zealand.
Veeam releases v3 of its MS Office backup solution
One of Veeam’s most popular solutions, Backup for Office 365, has been upgraded again with greater speed, security and analytics.
Too many 'critical' vulnerabilities to patch? Tenable opts for a different approach
Tenable is hedging all of its security bets on the power of predictive, as the company announced general available of its Predictive Prioritisation solution within Tenable.io.
Safety solutions startup wins ‘radical generosity’ funding
Guardian Angel Security was one of five New Zealand businesses selected by 500 women (SheEO Activators) who contributed $1100 each.
Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.
McAfee announces Google Cloud Platform support
McAfee MVISION Cloud now integrates with GCP Cloud SCC to help security professionals gain visibility and control over their cloud resources.
Why AI and behaviour analytics should be essential to enterprises
Cyber threats continue to increase in number and severity, prompting cybersecurity experts to seek new ways to stop malicious actors.
Scammers targeting more countries in sextortion scam - ESET
The attacker in the email claims they have hacked the intended victim's device, and have recorded the person while watching pornographic content.