Scribd Logo
Upload

Welcome to Scribd!

  • Okta Session Handout 1

    Uploaded by

    scott tang
    22 views24 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    22 views24 pages

    Okta Session Handout 1

    Uploaded by

    scott tang

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 24

    Shift to Long-Term Remote Work with

    Adaptive Access Management Policies


    Teju Shyamsundar, Product Marketing @ Okta
    ‘New normal’: Extended, distributed workforce
    Work from anywhere More tools than ever Threat actors aren’t slowing

    88% 88 667%

    IT leaders that anticipate more The average number of apps Observed increase in
    flexibility around remote work per organization in 2020, up spear-phishing attacks by
    following the pandemic (1) from 83 apps a year ago (2) security researchers
    starting in Feb 2020 (3)

    1 Okta Pulse Survey


    2 Okta Businesses at Work 2020
    3 https://www.barracuda.com/covid-19/email-protection

    © Okta and/or its affiliates. All rights reserved. Okta 2


    Confidential
    VPNs: for remote access and traffic control/inspection

    Intranet

    VPN
    Employees
    Internal Apps
    VPNs: productivity, security risks, and placebo effect

    Intranet
    Security
    Performance
    compromises

    VPN
    Employees
    Internal Apps

    Unregulated
    traffic B2B
    Contractors
    Offshore developers

    Extended
    Enterprise
    What organizations are doing

    SHORT TERM LONG TERM

    Improve VPN security Retire VPN and adopt Zero Trust


    The perimeter security is subject to new attack vectors. The perimeter is gone. Security does not rely in the
    You should protect the VPN perimeter. perimeter.
    Your security should be around context.

    Okta helps you in both stages


    Adapt to long-term remote work by focusing on
    identity and access management
    Three focus areas to get started

    Seamlessly access Reduce Enhance


    everything IT friction security

    © Okta and/or its affiliates. All rights reserved. Okta 6


    Confidential
    Seamlessly access
    everything
    Connect all your users to all your apps,
    infrastructure and APIs

    © Okta and/or its affiliates. All rights reserved. Okta 7


    Confidential
    Power work from anywhere by centralizing identities

    Cloud

    On-Prem
    Applications
    Secure Passwordless
    Access Public

    Any device. Any location.


    Private
    APIs
    • Employees • Partners
    • Contractors • Privileged Users Cloud

    On-Prem
    Infrastructure

    Where any user, can access any resource, from any device.
    Power work from anywhere by centralizing identities
    Okta Integration
    Network

    Single Cloud
    Sign On
    Access
    On-Prem
    Applications Gateway

    Secure Passwordless
    Access Public
    API Access
    Any device. Any location. Management
    Private
    APIs
    • Employees • Partners
    • Contractors • Privileged Users Cloud
    Advanced
    On-Prem Server Access
    Infrastructure

    Where any user, can access any resource, from any device.
    Reduce IT
    friction
    Automate identity, resource,
    and access management

    © Okta and/or its affiliates. All rights reserved. Okta 10


    Confidential
    Automation for every user type

    IT USERS

    Contractors Employees
    Business Partners Privileged Users

    Consolidated, centralized controls Automatically assigned resources


    (directories, HRIS, cloud apps) (apps, servers, files, folders)
    Automation for every user type

    IT USERS

    Contractors Employees
    Business Partners Privileged Users

    Consolidated, centralized controls Automatically assigned resources


    (directories, HRIS, cloud apps) (apps, servers, files, folders)

    Universal Lifecycle
    Directory Mgmt.
    Enhance
    security
    Build the foundation of your
    zero trust strategy

    © Okta and/or its affiliates. All rights reserved. Okta 13


    Confidential
    Align access to risk
    Give the right person access to the right resources, at the right
    time
    Okta Signals Your Security Stack
    Third Party Context

    User

    Device
    Pre-built connectors and
    APIs for shared signals
    Location

    Network

    App
    Risk Engine
    Risk-Based
    Access

    Global Insights

    Okta ThreatInsight Authorization


    Engine
    Align access to risk
    Give the right person access to the right resources, at the right
    time
    Okta Signals Your Security Stack
    Third Party Context

    User

    Device
    Pre-built connectors and
    APIs for shared signals
    Location

    Network

    App
    Risk Engine
    Risk-Based
    Access

    Global Insights
    Adaptive MFA

    Okta ThreatInsight Authorization


    Engine
    FedEx delivers a secure remote workforce in record time

    36 hours to move Workday, Office


    365, Webex, ServiceNow, Salesforce,
    Check Point VPN, and Zoom to Okta

    490,000+ office workers and customer


    service agents accessing their work via
    Okta

    250+ cloud applications accessible


    through Okta Identity Cloud

    16 © Okta and/or its affiliates. All rights reserved. Okta 16


    Confidential
    Capital Group Transitions 98% of its Workforce to WFH

    90-year-old financial services company,


    among the world's oldest and largest
    investment management organizations

    5 days to enable thousands of


    employees to work from home

    80% increase in VPN access on non-


    managed devices, now using Okta
    Adaptive MFA and Device Trust
    capabilities to secure access
    Modern Organizations Support Remote Work

    Modern organizations
    ● Use more cloud
    Remote work ● Have a flexible
    workforce
    ● Work as a tech
    company
    ● Adopt zero trust
    security
    How Okta helps

    Improve security, user experience, Enabling zero trust (ZT)


    and reduce MFA costs at your own pace & terms
    Short term: Okta improves security, user experience, and reduces MFA costs

    Intranet
    Security
    Performance
    compromises

    VPN
    Employees
    Internal Apps

    Unregulated
    traffic B2B

    Extended
    Enterprise
    Long Term: How Okta enables zero trust

    Intranet

    ZERO TRUST PARTNERS

    VPN Traffic inspection outside the VPN


    Internal Apps

    IDENTITY Identity enables Zero Trust

    ZERO
    TRUST Better risk-based access decisions
    PARTNERS

    OKTA ACCESS GATEWAY


    Remote Access for Servers
    ADVANCED SERVER
    ACCESS and Web Apps
    Remote Access for additional
    ZERO TRUST PARTNERS
    resources
    How Okta enables the zero trust stack

    Solution Category Okta How

    Endpoint Management ⬆ Value • Check for managed device state before users access corporate
    Endpoint Security ⬆ Security resources
    ⬆ Productivity • Utilize EDR signals to inform access decisions to any resource
    in Okta

    Network Security ⬆ Time to Value • Fine-tune cloud access based on group permissions
    ⬆ Security • Automate workforce provisioning and deprovisioning
    • Multi-factor Authentication for your VPN
    • Enables context/risk-based network perimeters (software
    defined)

    Data Security ⬆ Value • Extend email security to 6,500+ apps in the Okta Integration
    ⬆ Security Network
    • Authn with additional assurance or access blocked based on
    email threats/activity
    • Automatically move users to a high-risk group with minimal
    access to resources based on login activity
    • Trigger MFA on DLP violations
    Distributed Work IAM Maturity

    Stage 3: Zero Trust


    Access Rooted in
    Stage 2: Enhance
    Identity
    Productivity for Today’s
    SECURITY

    Distributed Workforce • Set zero trust, risk-based


    Stage 1: Enable Secure access controls rooted in
    Remote Work -- and Fast • Automate on and offboarding identity

    • Store non-corporate IDs (i.e. • Passwordless when risk


    • Add MFA for apps/VPN temporary, contract) in cloud is low (and work towards
    Stage 0: Traditional Work passwordless)
    directories
    Environment • Quickly implement and roll out
    • Reduce reliance on VPNs
    new remote work tools via SSO • Set context-based access
    • Directory (i.e. AD) on-premises policies, use high assurance MFA • Integrate with zero trust
    • Simplify user experience and
    • No cloud integration factors partners
    eliminate password sprawl via
    • No/limited remote access standards-based integrations • Extend access controls to on-
    capabilities (i.e. OIDC, SAML) prem apps, IaaS

    PRODUCTIVITY
    Reduce VPN: When to use

    Thank you

    You might also like