Okta expands Workforce Identity Cloud with new security enhancements and AI governance tools

Identity access management company Okta Inc. Today there are a number of announcements aimed at strengthening security and developer capabilities across its platform, a new partnership with the OpenID Foundation to enhance identity security across SaaS applications, and a new set of tools for securing AI integration.

Starting with new improvements to Workforce Identity Cloud, Okta's first announcements aim to address key security challenges organizations face today. Okta announced the introduction of Secure SaaS Accounts, which provides centralized control over shared accounts to reduce the risks associated with unmanaged SaaS applications. By providing storage, credential rotation, and multi-factor authentication, organizations can better protect sensitive service accounts from unauthorized access.

Also new today is a new “Governance Analyst” powered by Okta AI, which seeks to reduce governance risks across the enterprise. The tool provides real-time risk assessments and actionable insights that allow managers to make faster, more informed licensing decisions. Governance Analyzer displays critical usage data and past governance decisions to ensure access control is continuously improved.

Okta has also introduced stronger user verification features to combat social engineering and deep fake attacks. New verification features include non-traditional identity verification integrations that allow organizations to integrate third-party providers for secure authentication of employees and partners. The new verification features also provide support for providers such as Persona Inc. and upcoming integrations with Incode Technologies Inc. And Onfido Ltd. To help reduce the risk of setup and recovery exploits.

The company is also working to improve the user experience by rolling out an expanded device single sign-on feature, which is expected to be generally available by early 2025. This feature simplifies access by linking users' identity to their devices, reducing the need for authentication prompts. Repeated while maintaining strong security.

Identity security standard

Okta today announced the launch of the Secure Enterprise Identity Interoperability Profile, a new open standard developed in collaboration with the OpenID Foundation. The standard was launched with support from industry leaders, including Microsoft Corp. and Ping Identity Corp. It aims to enhance identity security across SaaS applications by integrating technologies such as single sign-on, risk signaling sharing, and session termination into a unified framework.

The IPSIE standard is designed to address the growing challenges of identity security management in the cloud. The standard provides standardized practices for governance, entitlements management, and continuous authentication that allow organizations to better control identity risks.

Okta has partnered with more than 50 leading enterprise SaaS applications, including Google LLC, Microsoft Office 365, and Slack, to support IPSIE adoption. The applications will integrate features compatible with the new standard to make it easier for companies to build virtually secure SaaS products.

Authentication for GenAI

With the final announcement, Okta has introduced Auth for GenAI, a product designed to help developers securely integrate generative AI into their applications. The new toolset addresses AI-specific risks such as hallucinations and hyper-agency by providing secure user authentication and API management that allows developers to implement AI-powered features with confidence knowing that sensitive data is protected.

Auth for GenAI includes key features, including asynchronous authentication and fine-grained authorization, that enhance security and user experience. Asynchronous authentication allows users to approve or deny AI-based actions remotely, and fine-grained authorization ensures that AI agents only access data that each user is authorized to see. These features help prevent inappropriate disclosure of sensitive information.

In addition, Okta unveiled a new developer portal to support companies in building AI-ready applications. The portal is designed to make it easier for developers to securely expose APIs to AI agents to ensure integrations are protected from potential security threats.

Photo: Okta