Okta brings its governance capability onto the Okta platform for the first time, and also significantly strengthens that capability over the more limited identity governance that they offered before.
Okta, which built up its business as an identity access management [IAM] provider, and later added governance to its portfolio, has significantly upgraded that governance capability with Okta Identity Governance. This unified IAM and Governance IT solution improves compliance posture, as IGA tools typically do, but integrates this on the Okta Identity Platform with their IAM capabilities. Okta has also improved the automation of its compliance capabilities, and expanded their reporting.
“Identity governance is not a new category for Okta,” said Paresh Bhaya, Senior Director of Okta Identity Governance, who handles product marketing for anything relating to identity management at Okta.
“Our vision was always to free anyone to use any technology, but the goal was to make them think identity first. Identity governance is critical in Zero Trust,” he said, “We used to sell lifecycle management before, which is a key point of identity governance. This new general availability of a unified IAM and Governance IT solution lets them use governance holistically on our platform. We started with session verification, then added things like Single Sign On [SSO], and lifecycle management to it. Now we provide governance on the full unified platform, so customers will be able to achieve a much stronger security posture.”
Still, Bhaya emphasized that there’s much more to this release than just making governance available on the Okta Identity Platform.
“It’s the way that we approach governance,” he said. “Many vendors either give access to all employees or make security where it is difficult to get access. Both of these extremes have their problems. We believe there is a fine balance. Our solution enables employees to get the right level of access to be productive. Employees who love tools like Slack or Microsoft Teams can request access, and Okta on the back end will automatically automate this, providing ease of use for both employees and admins.”
Bhaya expects that this will make Okta an even stronger play among larger enterprise customers.
“This definitely expands our market,” he said. “It’s a new category and brings in a new capability for Okta, that goes beyond a siloed approach. We expect it will appeal to a lot of big strategic accounts who want to be identity first. This will make Okta a key strategic identity partner for our customers.”
Okta Identity Governance adds three new governance capabilities to the Okta Identity Cloud.
The first, Okta Access Requests, automates the process of requesting access to applications and resources.
“Before, we had this only for applications and not for groups,” Bhaya said. “It was also not very intuitive previously. Now, with the self-service capabilities being integrated with collaboration tools, access is much more frictionless.”
The second change impacts who has access to what.
“All of those capabilities were not built in to access in a simplified modern way,” Bhaya stated. “Now IT and security teams can run these ideas right from Okta. This is something that is completely brand new. It will automatically remediate and help you improve your security posture. This will mean no more help desk tickets for this, and the help desk teams don’t have to chase approvals.” The solution now also offers periodic reviews into critical resources, including revoking access automatically to ensure that all users have the right level of access across all resources.”
The third capability, Enhanced Governance Reports, represents a major reworking of Okta’s reporting capabilities to help meet audit and compliance requirements, which lets admins provide an audit report of who has access to what resources, who approved the access and how they received it.
“We have completely revamped our reporting capabilities with out of the box capabilities,” Bhaya said. “Before, they really couldn’t use Okta to meet their governance reporting needs. Now this gives them information like who has direct access to say, Salesforce, and who is part of groups.”
A few more features in development are clear enough to be on the roadmap.
“We are really looking at this from a unified platform perspective,” Bhaya noted. We will be adding a lot of analytics. Event-based certification is in the very short term road map. A lot of customers also want fine grained entitlements. We want to be the quarterback siting in the centre because identity is the control plane. We also have other security partners and can take their signals and run certification campaigns.”
The new solution is being sold as a bundle.
“This is the first time that we have taken a bundled approach,” Bhaya indicated. “It will include lifecycle management and workflows, and the bundles will really help enterprises achieve automation. Customers have had a very positive approach to the automation.”
Bhaya stressed that this is all good news for Okta’s channel partners.
“This gives them that capability to help support our growth,” he said. “We are focused on partners’ aspirations here. They are part of our beta. We need to be intimate with our partner ecosystem to meet partners where they are. Our solution has short time to value, unlike many others in this area. The bundled price makes it more attractive. These will all create new opportunities that will help channel partners sell more, have a faster sale and go upmarket as well.”