Story image

Okta launches risk-based authentication with machine learning

03 Apr 2019

Identity services provider Okta has today at Oktane19 announced new risk-based authentication that leverages machine learning to deliver greater security, ease of use, and automated detection and response to identity-based attacks.

Risk-based authentication delivers panoramic insights into an enterprise’s employees, partners, and customers while also providing a means for transparent security controls.

Through risk-based authentication, enterprises can automate security by implementing significantly stronger authentication techniques and remediation when the scenario calls for it, while simultaneously enabling a seamless login experience for users within their normal behaviours using Okta Adaptive Single Sign-On and Okta Adaptive Multi-factor Authentication.

“Technologies are often built with security as a barrier to usability or as an afterthought, but organisations shouldn’t have to choose between providing workforces and customers with the best experience and ensuring their information is secure,” says Okta chief executive officer and co-founder Todd McKinnon.

“Okta built risk-based authentication to turn security into a user experience benefit, while maintaining deterrence when necessary. The combination of individualised machine learning context with data-rich insights from Okta’s vast ecosystem of customers, integrations, and authentications creates powerful network effects which enable transparent, yet actionable security.”

Leveraging machine learning to build a robust behavioural profile

Using machine learning, Okta can enforce robust authentication context at the user level, recognising that no two users are alike in terms of the applications they access, the devices they use or the locations from which they access corporate resources.

Rather, individualised profiles are built and the machine learning model is tuned over time, supplying a deep understanding of how users are engaging with and accessing the technology they need to be effective.

Contextual variables such as the device, location, IP address, and even typing biometrics can inform authentication and authorisation decisions.

Individualised machine learning is used to turn a multitude of unique data inputs into a contextual behaviour profile for each user.

Combined with network effect-driven intelligence from ThreatInsight — risk signals seen across Okta’s global dataset, such as high-risk IP addresses — Okta will be able to create quantifiable and actionable risk assessments for each authentication attempt.

Beyond simply gathering insights, Okta’s risk-based authentication also facilitates user-specific account remediations, where a user verifies the compromise and triggers a remediation workflow. 

Empowering customers to automate security

Okta customers will benefit from risk-based authentication’s insights, automation, and remediation.

By leveraging this new functionality with machine learning capabilities, organisations can now automate security practices and implement streamlined authentication techniques.

“Maintaining brand trust at Blackhawk Network is core to our business continuing to succeed, and that has everything to do with creating efficient and secure ways for our partner brands to engage with Blackhawk through partner portals,” says Blackhawk Network chief information security officer Vijay Bolina.

“We’ve entrusted Okta to build that experience for us, and the introduction of risk-based authentication offers to advance that fundamental authentication process even more, providing better user experiences and security for our employees and our partners who rely on Blackhawk.”

Okta risk-based authentication is currently available in beta and Okta expects it to be widely available soon as part of Okta Adaptive Single Sign-On and Okta Adaptive Multi-factor Authentication.

Tech Data to distribute Nutanix backup solution in A/NZ
Tech Data will distribute HYCU Data Protection for Nutanix backup and recovery software to their network of partners across Australia and New Zealand.
Veeam releases v3 of its MS Office backup solution
One of Veeam’s most popular solutions, Backup for Office 365, has been upgraded again with greater speed, security and analytics.
Too many 'critical' vulnerabilities to patch? Tenable opts for a different approach
Tenable is hedging all of its security bets on the power of predictive, as the company announced general available of its Predictive Prioritisation solution within Tenable.io.
Safety solutions startup wins ‘radical generosity’ funding
Guardian Angel Security was one of five New Zealand businesses selected by 500 women (SheEO Activators) who contributed $1100 each.
Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.
McAfee announces Google Cloud Platform support
McAfee MVISION Cloud now integrates with GCP Cloud SCC to help security professionals gain visibility and control over their cloud resources.
Why AI and behaviour analytics should be essential to enterprises
Cyber threats continue to increase in number and severity, prompting cybersecurity experts to seek new ways to stop malicious actors.
Scammers targeting more countries in sextortion scam - ESET
The attacker in the email claims they have hacked the intended victim's device, and have recorded the person while watching pornographic content.