Okta Launches Hybrid Cloud Identity Management

Cloud identity management firm Okta on Tuesday introduced a feature allowing companies to link its Identity Cloud to on-premises applications, saying the Okta Access Gateway is better suited to hybrid environments than legacy tools from Oracle, IBM and SAP.

Okta also launched a service aimed at managing access to servers on company networks, either on-premises or in the cloud, with a dynamic approach it said is more secure than current systems that involve the management of static credentials.

The company, which went public two years ago, made the announcements at its Oktane19 conference in San Francisco.

Okta Access Gateway brings Okta into direct competition with major providers of enterprise identity management systems such as Oracle, IBM and SAP, but Okta said those companies’ products predate the cloud and were built for on-premises-only environments.

Okta chief executive Todd McKinnon at the Oktane18 conference. Image credit: Okta

Hybrid cloud

By contrast, it said the cloud is now well-established and is growing at an ever-faster pace, but that according to its own research the majority of large companies plan to keep at least one-third of their applications running on-premises.

Okta said that in such a “post-perimeter, hybrid world” many enterprises struggle to centrally manage identity and access management for both cloud and on-premises environments, resulting in unwieldy, complex systems that are a drain on both efficiency and security.

Okta Access Gateway gives users a choice of deploying a proxy on-premises or through cloud vendors including Amazon Web Services, Google Cloud Platform, and Microsoft Azure, and promises a single, independent source for application security that it said can be set up in about 30 minutes.

“Okta believes in enabling every organization to connect to the technology it needs, regardless of where that technology sits,” stated Okta chief executive Todd McKinnon.

The company said the technology is already being used by customers including Hitachi and would become generally available later this year.

Server access

Meanwhile, Okta Advanced Server Access aims to bring continuous, contextual access management to both on-premises Windows and Linux servers and resources running on major cloud platforms.

The service, available immediately, is billed as a more secure alternative to static Secure Shell (SSH) and Remote Desktop Protocol (RDP) credentials.

Okta said that typically a single administrator account granting broad access might be set up and the password then given to multiple people, an approach it said creates risks if those credentials should fall into the wrong hands.

The new service is aimed at enterprises that are struggling to keep track of who has access to sensitive servers and with provisioning and deprovisioning administrator accounts.

Dynamic approach

“Server access has traditionally relied on shared credentials that may never change, and that creates significant vulnerabilities for any large or growing organization,” McKinnon said. “Without a clear tie back to user identity, technology leaders lose visibility, agility, and ultimately security.”

He added that Okta’s approach, which involves continuously monitoring access and making access decisions based on changing user attributes and device conditions, is not only better for security but means an improved user experience.

The tool is based on a one-time, short-lived credential mechanism that removes the difficulties of tracking and protecting static keys, Okta said.

Aside from security and usability, Okta said the approach also makes it easier to automate server enrolment and supports custom workflows.

The tool and Access Gateway are both extensions of Okta’s offerings, which began with managing individuals’ access to cloud services and later extended to device-level management.

Other products announced at the conference included Okta Identity Engine, an upgrade to the Okta Identity Cloud that brings in a set of customisable building blocks for identity processes.

Matthew Broersma

Matt Broersma is a long-standing tech freelance who has worked for Ziff-Davis, ZDNet and other leading publications.
