Okta launches risk-based authentication solution

Risk-based authentication hinders threat actors while streamlining user experience.

  • 5 years ago Posted in
Okta has introduced new risk-based authentication that leverages machine learning to deliver greater security, ease of use, and automated detection and response to identity-based attacks. Risk-based authentication delivers panoramic insights into an enterprise’s employees, partners, and customers while also providing a means for transparent security controls. Through risk-based authentication, enterprises can automate security by implementing significantly stronger authentication techniques and remediation when the scenario calls for it, while simultaneously enabling a seamless login experience for users within their normal behaviors using Okta Adaptive Single Sign-On and Okta Adaptive Multi-factor Authentication.

 

“Technologies are often built with security as a barrier to usability or as an afterthought, but organisations shouldn’t have to choose between providing workforces and customers with the best experience and ensuring their information is secure,” said Todd McKinnon, Chief Executive Officer and co-founder of Okta. “Okta built risk-based authentication to turn security into a user experience benefit, while maintaining deterrence when necessary. The combination of individualised machine learning context with data-rich insights from Okta’s vast ecosystem of customers, integrations, and authentications creates powerful network effects which enable transparent, yet actionable security.”

 

Leveraging Machine Learning to Build a Robust Behavioral Profile

 

Using machine learning, Okta can enforce robust authentication context at the user level, recognising that no two users are alike in terms of the applications they access, the devices they use or the locations from which they access corporate resources. Rather, individualised profiles are built and the machine learning model is tuned over time, supplying deep understanding of how users are engaging with and accessing the technology they need to be effective. Contextual variables such as the device, location, IP address, and even typing biometrics can inform authentication and authorisation decisions.

 

Individualised machine learning is used to turn a multitude of unique data inputs into a contextual behavior profile for each user. Combined with network effect-driven intelligence from ThreatInsight —risk signals seen across Okta’s global dataset, such as high-risk IP addresses — Okta will be able to create quantifiable and actionable risk assessments for each authentication attempt. Beyond simply gathering insights, Okta’s risk-based authentication also facilitates user-specific account remediations, where a user verifies the compromise and triggers a remediation workflow. 

 

Empowering Customers to Automate Security

 

Okta customers will benefit from risk-based authentication’s insights, automation and remediation. By leveraging this new functionality with machine learning capabilities, organisations can now automate security practices and implement streamlined authentication techniques.

 

“Maintaining brand trust at Blackhawk Network is core to our business continuing to succeed, and that has everything to do with creating efficient and secure ways for our partner brands to engage with Blackhawk through partner portals,” said Vijay Bolina, Chief Information Security Officer of Blackhawk Network. “We’ve entrusted Okta to build that experience for us, and the introduction of risk-based authentication offers to advance that fundamental authentication process even more, providing better user experiences and security for our employees and our partners who rely on Blackhawk.”

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Trend Micro has released new research detailing the murky cybercrime supply chain behind much of...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...
State of Industrial Cybersecurity report reveals only 21% of organizations achieved full maturity...