Introducing the Okta Identity Engine
Author: Grace Maher
Release Date: 24/01/2022
The Okta Identity Engine is reinventing how we authenticate and how we deploy our security policies. Okta Identity Engine (OIE) is a platform that allows you to build more flexible identity experiences and process flows. You now have true flexibility and choice, as you are not bound to any single method of enrolling, authorising and enabling end users.
Some of the new and improved capabilities that you can unlock by leveraging the Identity Engine are:
Passwordless Authentication
By enabling an end user to authenticate without a password, you eliminate the risk of users accidentally sharing passwords or noting them down. Authentication is completed via an email with an embedded “magic link”. The end user simply clicks the link to complete their authentication, with no password necessary. You can also leverage factors such as SMS or security questions, which can be much faster for remote or mobile workers.
Progressive Profiling
If you have end users who are also customers, you can gain additional user information after their initial registration. This allows you to reduce registration friction, and as a user shows interest in or utilises different products and services across your organisation, their profile can accurately reflect their interests, usage and assignments.
Application Level Policies
New Application Level policies allow organisations to model security outcomes for an application depending on external factors such as location or device. If a critical application is accessed, or abnormal behaviour showing elevated risk has been detected, then a non-phishable factor can be requested for step-up authentication.
Flexible Account Recovery
With more ways to provide self-service to your end users, Okta is making account recovery increasingly less time-consuming for identity administrators. Users have been able to reset their passwords and unlock their accounts within Okta for some time now. With OIE, this extends to more factors, such as Okta Verify or Okta Verify Push, which sends the notification straight to the user's enrolled mobile device. This increases the security posture for self-service resets and allows end users to reset without attempting to get back into work applications such as email.