Okta debuts zero trust-based cloud server access controls
Cloud identity management company Okta Inc. is beefing up its Okta Identity Cloud platform today with a new offering designed to facilitate “contextual access management” to public cloud infrastructure.
Okta Advanced Server Access is based on technology the company acquired last year when it bought a startup called ScaleFT Inc., which specialized in “zero trust” security systems. Zero trust is a security model that’s based on the principle of maintaining strict access controls and not trusting anyone by default, even those already inside the network perimeter.
Zero trust allows organizations to limit excessive user permissions and access, while requiring continuous authorization. Okta said it’s an ideal model for controlling access to remote servers, which are traditionally protected using Secure Shell keys and Remote Desktop Protocol passwords.
The problem with these older methods is that enterprises struggle to keep track of who has the keys to access the servers that run their most critical workloads or store important data. They also limit the ability of enterprises to provision and deprovision administrative accounts, Okta said.
Okta Advanced Server Access borrows a zero trust security model that’s similar to the BeyondCorp philosophy used by Google LLC. With it, access control is no longer based on whether users are requesting that access from inside or outside of the corporate network. Okta Advanced Server Access automatically assumes that users requesting access from inside the network are just as untrustworthy as those seeking remote access.
As a result, access requests are instead granted based on details about the particular users, their jobs and the security status of the device they’re using. This, Okta argued, is far more effective than traditional network security controls.
The main advantages of Okta’s system include mitigating the risk of credential theft as there’s no longer any need to store and use passwords to access cloud infrastructure. Okta Advanced Server Access also ensures that access controls are more centralized within an organization and makes it easier to automate server enrollment within configuration management platforms such as Ansible, Chef, Puppet and Terraform, the company said.
Analyst Holger Mueller of Constellation Research Inc. told SiliconANGLE that Okta’s improved access controls would be welcomed by CxOs, as unfettered access to applications across on-premises, public and hybrid cloud environments was a major source of headaches.
“The cloud has made many things easier for enterprises, but certainly not access management,” Mueller said. “It’s good to see vendors coming to the rescue, and today it is Okta’s turn, leveraging its ScaleFT acquisition from last year. It will be interesting to see the first customers go live and what benefits they receive from operating this new access management capability.”
“Without a clear tie back to user identity, technology leaders lose visibility, agility, and ultimately security,” said Okta co-founder and Chief Executive Officer Todd McKinnon (pictured). “Okta Advanced Server Access brings centralized identity security to organizations leveraging on-premises, hybrid and cloud infrastructure to not only increase security, visibility, and control, but to create a significantly better experience for the teams building innovative products.”