Okta's Still Gaining Momentum
6,550 organisations all across the 🌎 utilise Okta to securely connect people to the right technologies for their businesses and I'm proud to be a part of it. Combine this with the recent Forrester Wave report for Identity As A Service (IDaaS) as of Q2, 2019 that shows Okta as the leader in both strategy and current marketplace offering when compared to other solutions, with Okta clearly being well positioned to maintain its market dominance.
If you're keen to read more about the Gartner report - I've included a direct link here.
What is Gartner Seeing In The Industry?
Gartner Reported "SaaS-delivered Access Management (AM) has become the norm, as has advanced user authentication including MFA. AM vendors are maturing their approaches to session management, contextual and adaptive access, and API protection".
- So it's clear, the market is moving toward SaaS architecture faster than ever before with large and complex transformation projects moving customers off legacy and expensive software that were typically on-premise.
- Users are warming up to MFA - Multi Factor Authentication with services that they use, which is no surprise with the amount of news surrounding data breaches across the globe in recent years.
- Businesses are being required to be more attuned to having a contextualised and adaptive authentication process. This allows businesses to better shape a users identity experience and access through adaptive measures and processes depending on the context of that user in order to allow them to have a more enjoyable, seamless user experience and enjoyable journey.
- Developers are starting to ensure access to their API endpoints are correctly protected from malicious actors.
What's Up Next In The Access Management Space?
Gartner - By 2022, 60% of Access Management (AM) implementations will leverage User and Entity Behaviour Analytics (UEBA) capabilities and other controls to provide continuous authentication, authorisation and online fraud detection, up from less than 10% today.
Authentication is undoubtedly one of the core pillars in Cyber Security for any organisation wishing to operate in today's digital world and one of the annoyances of everybody else having to enter re-enter their passwords on sites that they visit.
Access works today by taking something unique that only you should know such as a Password, FaceID or Fingerprints (Hopefully - Check with Troy Hunt's HaveIbeenPwned to make sure) which you use to input to a system that will generate a session with your privileges should it match what the system was expecting. If your organisation is on-point, this should also now include a second factor such as an SMS text to your phone or verification code from a mobile application such as Google Authenticator or Okta's very own Okta Verify.
There are issues with the Current Way of Doing Authentication in Industry
With combinations of:
- Re-use of the same Passwords across services as there are just so many, users are struggling to remember new passwords so tend to reuse their current ones. At some stage or another we've all done this.
- Users not checking the legitimacy of a website as they're forever entering their passwords to access services.
- Large amount of different cloud service platforms users are accessing on a daily basis through new devices (smartphones, smart watches etc).
Albeit, I can see we are now moving towards utilising services such as Troy Hunts HaveIbeenPwned service to ensure users are not reusing breached or previously known passwords with new organisations.
If we combine all of these risk factors, as an industry, we really need to come up with and switch to new ways of dealing with the attack vectors that are present by using smarter authentication technology through a paradigm shift in how we do authentication as a whole.
Check out my Article on UEBA and Continuous Authentication and to figure out whether we still need a Password Manager