Okta announces its new partnerships with endpoint security vendors VMware Carbon Black, CrowdStrike and Tanium. Integrating endpoint protection management analyses with Okta Verify’s user identity risk indicators, Okta Identity Cloud consolidates the information and creates a risk profile of the individual login attempt. This partnership enables Okta to determine the overall health of the device (e.g. firewall disabled, malware on device) and make contextual access decisions appropriately, such as denying access or asking for additional authentication measures.
While most organizations have multifactor authentication and an endpoint security solution deployed on their devices – key controls to securing a remote workforce – these two controls are often siloed with little to no cross-talk or collaboration. As a result, this brings to light a security vulnerability where users are susceptible to accessing sensitive information on a device that may already be hijacked or infected with a malicious agent. Thankfully, the partnership between Okta and the aforementioned endpoint security vendors close this gap and provide an option to compare against Microsoft’s in-house security offerings.
One of the most favorable aspects of this partnership, in my opinion, is the automatic containment efforts: if systems are compromised, access is limited automatically based on combined risk analysis of Okta and endpoint protection agents and with little to no intervention of professional services or the InfoSec team. From my point of view, this is how cybersecurity should work – dynamically and automatically with the overall objective of minimizing risk.