Contact Us




Change Locale

Let’s (Finally) Say Goodbye to Passwords

Uncategorized | Posted on August 30, 2018 by schap

Finding the right authentication technology can be challenging. Companies strive for a solution that achieves the lowest risk of unauthorized access to their businesses’ data, be that in the form of sensitive GDPR- and HIPAA-protected information or highly-confidential collateral stored in globally-distributed databases, without encumbering the end user. With threat actors targeting the weakest points of a company’s security — their people — this means investing in technologies that replace passwords with stronger, simpler user authentication.

Why move toward passwordless authentication?

For companies trying to deliver seamless and secure user-experiences, passwords are a real pain. Either they’re complex — and therefore difficult for employees and customers to remember — or they’re prime targets for nefarious hackers. Not only that, but remembering different login credentials across multiple apps and websites can be a huge headache for users, and strain IT teams with endless “lost password” resets…or worse, massive security risks.

According to Verizon’s 2017 Data Breach Investigations Report, 81% of all breaches used either stolen or weak passwords. In order to protect their employees and customers from credential phishing, password spraying, and brute force attacks, companies must rethink whether their password policies are sufficient to secure sensitive data. In fact, the best password is no password at all.

Learn more: is passwordless authentication actually secure?

Authentication made safe with ThreatInsights

Over the past several years, we’ve invested in best-in-class security technologies and partnerships with other leading apps to protect our customers. With 4,350 customers and 5,500 partners in the Okta Integration Network, our incident response team can see and take again against threats and suspicious activity across that ecosystem.

We’re making these enhanced security insights available to customers through Okta’s new ThreatInsight functionality — threat intelligence curated by our incident response team. This allows our customers to better understand their own risk tolerance requirements and adapt their policies accordingly. Once they set policies that fit their needs, Okta automates the risk-based assessment and response, enabling IT teams to automatically step up authentication.

A new standard: contextual access management

Investing in best-of-breed security tools also meant building our device-based access controls and extending our adaptive authentication offerings. Contextual access management takes into account a number of context signals — such as location, device, and network — to determine the threat level of each request.

For instance, if a user attempts to authenticate from a recognized IP address, on a known device, and on the company’s corporate network, the user would be considered “low risk” — and the user would not be required to enter a password in order to log in. Instead, the user would be prompted for an alternate factor, such as Okta Verify Push. If the user was using an unmanaged (though known) device in a new location, they may be considered “moderate risk,” and be prompted both for a security question and a second factor, such as Okta Verify.

A comprehensive approach to security

“Okta’s new ThreatInsight and behavioral signals give us insight into every authentication attempt, helping us to simplify the user experience and more quickly take action if something appears amiss,” says Elias Oxendine IV, global director of IT security at the Brown-Forman Corporation, one of the largest American-owned distilled beverage companies. “With Okta, we can better protect the most important and often most vulnerable part of our security — our people.”

By blending context signals with this intelligence, Okta’s Adaptive MFA solution will be able to more effectively provide businesses with the seamless, simple authentication experience that companies have grown to depend on. We’ve also introduced Adaptive Single Sign-on (SSO), which provides a simple, secure authentication experience for users and integrates with third-party enterprise mobility management solutions, such as Airwatch or MobileIron, for device trust. With this combination of Adaptive SSO, MFA, and ThreatInsight, IT and app development teams can move toward a context-driven security approach — one that may eventually eliminate passwords after all.

To see all our Oktane18 announcements, visit the Oktane content center here.

This article was originally published here.

Related Articles

Culture | June 17, 2020 by Softchoice Cares

In 1989, Jone Panavas founded Softchoice along with David Holgate to make it easier for businesses to source and acquire hard–to–find software products. Jone and David set out to make Softchoice a different kind of company from the very beginning, one where inclusiveness was a core tenet and employees were encouraged to bring their authentic selves to work.   While the technology landscape has become far more complex in the last 30 years, another […]

While some IT organizations were better prepared than others, none would have predicted just how vital remote working would be to the business in 2020. Seven in 10 IT leaders are now saying remote working requirements are having a permanent impact on budgets, staffing and policies. Nearly 40% of CEOs say “improving the remote work […]

  An Interview with Softchoice’s SVP of IT, Jeff Reis When Canada’s most valuable public company Shopify announced it was going “digital by default,” it was a clear sign that the brick-and-mortar office era was forever changed. “We cannot go back to the way things were. This isn’t a choice. This is the future,” tweeted […]