Okta Device Access helps with Zero Trust Strategy

New product extends Okta’s trusted access management capabilities to the point of device login, empowering employees to work safely from anywhere.

  • Tuesday, 13th June 2023 Posted 1 year ago in by Phil Alsop

Okta has introduced Okta Device Access, a new product that enables organizations to extend Okta’s Identity and Access Management (IAM) capabilities to secure access to corporate devices for a hybrid workforce. As part of Okta's Workforce Identity Cloud, the solution will deliver stronger authentication to unlock a device, helping organizations achieve zero trust while simplifying the login experience for employees. Okta Device Access is part of Okta’s broader effort to move the industry beyond traditional multi-factor authentication (MFA) to enable phishing resistance and passwordless capabilities.

Identity-based attacks remain a persistent threat with more than 60% of security incidents involving stolen credentials and phishing attacks, according to Verizon’s 2022 Data Breach Investigation Report. As remote and hybrid workforces expand, protecting access to all corporate devices is becoming a top priority. According to the same report, missing desktops and laptops led to approximately 60% of security incidents associated with a lost or stolen asset, more than any other type of device — including mobile phones. Against this backdrop, organizations are shifting their focus toward protecting user and device identities. Okta Device Access enables businesses to secure access to both devices and applications, and future-proof their hybrid work strategy by enabling employees to work easily and safely from anywhere.

“Identity has become the first line of defense in a hybrid world of cloud applications and devices,” said Arnab Bose, Chief Product Officer, Workforce Identity Cloud at Okta. “We believe identity should empower IT and security teams to protect the enterprise across all touchpoints without compromising on productivity or agility. That’s why we’re investing meaningfully to become a first-party player in the device security space, and provide our customers with a unified authentication experience from any device to all applications. This empowers our customers to implement zero trust and use any technology safely.”

Unified Access Management for Hybrid Work

Okta Device Access will bring the same login experience that organizations trust for seamless access to their business apps to the point of device login. Unifying access management translates to immediate productivity gains for admins who can now integrate authentication policies across all user touchpoints, as well as for employees who can safely sign into their work devices and applications with a unified access experience — which means fewer passwords for potential attackers to utilize. 

Reinforcing Okta’s commitment to independence and neutrality, Okta Device Access is also designed to work seamlessly across devices, empowering customers to build the best-of-breed technology architecture of their choice. This includes support for Windows and macOS, with support for additional operating systems to come.

Okta Device Access is launching with two critical capabilities: Desktop MFA for Windows and macOS, and Desktop Password Sync for macOS.

Desktop MFA for Windows and macOS: Devices are the first vulnerable touchpoint for cyberattacks and at least one cybersecurity regulation requires MFA for device access — a key factor for organizations that work with government entities. With this feature, customers can extend Okta’s Advanced MFA policies to the desktop login to strengthen their zero trust strategy, and protect local data, native apps, and non-internet facing services on desktops.

Desktop Password Sync for macOS: Developed in close partnership with Jamf and built on top of Apple’s Platform Single Sign-On Extension, this feature securely provisions local macOS user accounts with Okta credentials and seamlessly enrolls users into Okta Verify and FastPass, Okta’s flagship passwordless authenticator, to enable phishing-resistant authentication to any Okta-protected app. Organizations can also incorporate relevant device context into their authentication flows and gain higher security assurance through its Device Assurance capabilities in Okta Verify.

“At NOV, we power the industry that powers the world,” said John McLeod, Chief Information Security Officer at NOV, which delivers technology-driven solutions to empower the global energy industry. “Our operations span multiple regions around the world, which makes it especially critical that employees can safely access digital resources from wherever they are. Okta Device Access is a natural step on our zero trust journey by providing our employees with the seamless access they need to do their best work, while at the same time helping to protect the device.”