Oktane 2024 was all about Standardization. As Okta's CEO Todd McKinnon said in his keynote, “To solve the identity security challenge, we need standardization.” To build on that, this year, Okta set out to address one of the biggest challenges in identity management—creating a consistent, interoperable, and unified security experience across the digital landscape.
The need for a standard-driven approach was evident as organizations struggled to bring consistency to how they managed and secured identity and access across their complex tech environments.
Let's dive into the key highlights and new feature announcements that defined Oktane 2024. And for the record, there were quite a few.
Key Highlights
Building a Better Identity World with IPSIE
The headline announcement was the launch of Interoperability Profile for Secure Identity in the Enterprise (IPSIE)—a game-changing effort to standardize identity security. IPSIE is designed to make identity systems talk to each other without friction. Think of it as a common language for identity security to reduce the challenges of integrating and communicating across thousands of platforms and systems.
What does this mean for businesses? It this means that they get a more secure, cohesive identity security management experience that works seamlessly with Okta, delivering out-of-the-box security benefits—ensuring that security isn’t an afterthought but is baked into every interaction.
This is a call by Okta to the wider industry to embrace a more unified approach. By leading this initiative, Okta is setting the stage for a security landscape where standards are clear and the path to implementation is easy and direct.
IPSIE aims to cover the entire spectrum of identity management which includes Single Sign-On (SSO) for centralized authentication, Multi-Factor Authentication (MFA) for layered security, and Lifecycle Management to govern user access throughout and after their tenure. It also incorporates risk signal sharing, entitlements for privileged access, and session management to ensure secure login and logout processes.
Zero Trust Is More Than a Buzzword—It's Becoming Standard Practice
From the keynotes and customer discussions at Oktane 2024, it was evident that Zero Trust isn’t just a concept anymore—it’s the new reality for identity management. The idea of “Never trust, always verify” has moved from a best practice to a fundamental standard.
This year, Okta emphasized the importance of adopting Zero Trust principles, not as an additional layer of security but as a way to simplify it. By verifying each user and device at every step, businesses can ensure that they are only granting access to the right resource to the right identity.
This change also shifts the trend from “more security tools” to “better security standards.” The goal is to make Zero Trust a practice at every organization, regardless of size or complexity.
Strengthening Identity Security with Secure Identity Assessment
Another key announcement in Todd McKinnon’s keynote was the introduction of Secure Identity Assessment. This is a new service from Okta that provides organizations with the tools and guidance to identify vulnerabilities and gaps in their current identity security posture. This proactive move by Okta is designed to help businesses tighten their security, adhere to best practices, and close any loopholes before they become issues.
It provides a comprehensive evaluation of an organization’s identity security posture, pinpointing vulnerabilities, misconfigurations, and areas of improvement. It also offers tailored recommendations based on each organization's unique needs. Not only does this empower companies to build confidence and stay ahead of potential threats but also ensures that companies are leveraging the best features of Okta in the right way.
AI's Role in Identity Just Got Smarter
AI continues to be a topic of interest in the industry and Okta is making sure to ride this wave. Oktane 2024 showcased how AI can be used not just for automation but for smarter security decisions. Okta introduced new tools that leverage AI in features such as Adaptive MFA, Risk Based Authentication, Governance Analyzer, and User Behavior Analysis, ensuring that security measures are smart, dynamic, and context-aware.
Okta’s AI-enabled features allow businesses to adapt security measures based on real-time data, reduce friction for legitimate users, and tighten controls for high-risk scenarios. By aligning AI tools with a standard like IPSIE, Okta is ensuring that AI’s power is seamlessly harnessed at scale, throughout the landscape.
In addition to introducing AI in their solutions, they also introduced features to secure integrations with GenAI systems, ensuring they are properly authenticated and authorized while interacting with an organization’s applications. These AI-driven applications often have access to vast amounts of sensitive information, and Okta’s framework aims to safeguard that data.
Security for Every Stage of the Authentication Journey—Before, During, and After
A theme that was consistently referenced across keynotes was Okta’s comprehensive approach to identity security — “before, during, and after” authentication:
- Before: Discover and remediate key identity misconfigurations.
- During: Achieve outcomes like end-to-end phishing resistance and zero standing privileges for both human and non-human accounts.
- After: Continuously listen for risk signals across your entire enterprise and terminate sessions using Universal Logout.
This strategy ensures an end-to-end, layered approach to identity security, covering every phase of the authentication journey. It emphasizes that it’s not just about stopping threats but also anticipating them and preparing to handle any incidents effectively.
New Feature Announcements at Oktane 2024
Oktane 2024 was full of exciting product updates and feature announcements—from larger initiatives like IPSIE to enhancements to Adaptive MFA. Some of the key features announced were:
Okta Workforce Identity Cloud (WIC)
Extended Device Single Sign-On
Extended Device SSO is a game-changer for employee productivity. It streamlines access by tying authentication to a specific device and user, reducing the need for multiple prompts while accessing different applications and systems. For IT teams, it means enhanced security, as each session is hardware-bound, preventing unauthorized access even if credentials are compromised.
Secure SaaS Service Accounts
Managing service and shared accounts has always been a challenge and also often the root cause of attacks. Okta’s Secure SaaS Service Accounts feature aims to bring order to this chaos. By identifying and securing non-federated privileged accounts, it reduces the risks associated with unmanaged access points. This feature is particularly relevant in environments with high volumes of service accounts, where timely visibility and management of service accounts can significantly lower the risk of breaches.
Enhancements to Adaptive MFA
Adaptive MFA is one of Okta’s key features, but its latest enhancements make it even more smarter and intuitive. By analyzing real-time risk factors, Adaptive MFA now adjusts security requirements based on context. If a user logs in from a trusted location, access might be simplified. But if there’s unusual behavior, additional layers of security kick in. This feature brings the concept of a “tailored security experience” to life, maintaining a consistent security posture while minimizing friction for legitimate users.
Okta Customer Identity Cloud (CIC)
Auth for GenAI
With Auth for GenAI, Okta is a step ahead by ensuring that AI interactions follow the same stringent security standards as human ones. This feature enables secure integration of AI into your apps and limits AI access to sensitive information, enforcing principles of least privilege and adaptive risk management.
Universal Logout
Universal Logout was one of the key feature announcements of Oktane 2024. It might sound simple, but its impact is significant. This feature ensures users are automatically signed out of SaaS apps managed by Okta CIC when a logout or de-provisioning event occurs in WIC. It prevents lingering sessions that could be exploited by attackers, reducing the risk of session hijacking. It’s a small change that has a big impact on overall security, ensuring consistency in session management.
Deep Integrations with 125 Apps
These new 125 integrations are designed to go beyond basic connectivity, offering deep, standards-based interactions that allows Okta to work together seamlessly with them. They include everything from enhanced SSO to unified risk monitoring, ensuring that security isn’t compromised when applications communicate. This deeply aligns with the goal of creating a standardized identity ecosystem where different platforms integrate seamlessly to strengthen identity security across environments.
This includes integration with Google Workspace, Salesforce, Box, Zoom, Slack, HubSpot, Zendesk, Atlassian, and more.
Protecting your Critical Okta Data
Identity isn’t just a layer of security, it’s the foundation. Ensuring that your identity data is secure means protecting the foundation of your organization’s digital infrastructure.
HYCU understands that safeguarding identity data isn’t just about preventing breaches, it’s about ensuring business continuity and avoiding catastrophic damage to your business by protecting the data that matters the most. As Okta focuses on unifying identity security and management, the purpose-built data protection for Okta on HYCU R-Cloud™ ensures that your Okta data is always available to you at all times – no matter what happens.
Conclusion: A Standardized Future for Identity
Okta's push for standardization isn't just a buzzword, it’s a way to ensure that security, integration, and compliance are as effortless as possible. With initiatives like IPSIE and advanced AI integrations, Okta is setting a new industry standard that emphasizes clarity, consistency, and interoperability.
This move toward unified security practices makes managing digital identities easier and more secure for organizations of all sizes.
Additional Resources
- How to Safeguard Your Okta Workforce Identity Cloud (WIC) Data with HYCU R-Cloud
- The Essential Role of Okta Backup in Cyber Security
- Video: Protect Okta Data with HYCU R-Cloud
- Securing Critical SaaS Data: Boston Red Sox Partners with Okta and HYCU
Get the newest insights and updates
.png){kind=small}
