惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Engineering at Meta
Engineering at Meta
T
Threatpost
P
Palo Alto Networks Blog
NISL@THU
NISL@THU
O
OpenAI News
Project Zero
Project Zero
G
GRAHAM CLULEY
P
Privacy International News Feed
A
Arctic Wolf
Microsoft Azure Blog
Microsoft Azure Blog
H
Help Net Security
M
MIT News - Artificial intelligence
T
Threat Research - Cisco Blogs
S
Security @ Cisco Blogs
Google DeepMind News
Google DeepMind News
B
Blog RSS Feed
D
Docker
aimingoo的专栏
aimingoo的专栏
博客园 - 【当耐特】
N
Netflix TechBlog - Medium
云风的 BLOG
云风的 BLOG
雷峰网
雷峰网
W
WeLiveSecurity
P
Proofpoint News Feed
腾讯CDC
Cloudbric
Cloudbric
S
Secure Thoughts
C
Check Point Blog
博客园 - Franky
T
The Exploit Database - CXSecurity.com
T
Troy Hunt's Blog
GbyAI
GbyAI
Security Archives - TechRepublic
Security Archives - TechRepublic
Application and Cybersecurity Blog
Application and Cybersecurity Blog
月光博客
月光博客
C
Cyber Attacks, Cyber Crime and Cyber Security
I
Intezer
TaoSecurity Blog
TaoSecurity Blog
L
Lohrmann on Cybersecurity
V
Visual Studio Blog
F
Fortinet All Blogs
博客园 - 叶小钗
C
CXSECURITY Database RSS Feed - CXSecurity.com
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
Recorded Future
Recorded Future
C
Cisco Blogs
博客园 - 司徒正美
Stack Overflow Blog
Stack Overflow Blog
Y
Y Combinator Blog
Apple Machine Learning Research
Apple Machine Learning Research

Okta Security RSS Feed

Datadog and Okta Combine for New Customer Detections Detecting OpenClaw at Sign-In Okta Hardening Guide Updated to Secure Non-Human Identities Okta Pooled Security Audits: a One-Year Retrospective Account Recovery, without Password Resets Okta’s Response to React2Shell Uncloaking VoidProxy: a Novel and Evasive Phishing-as-a-Service Framework Attackers Target Hotelier Accounts in Malvertising and Phishing Campaign Using Auth0 Logs for Proactive Threat Detection Controlling Cross-App Data Sprawl in Google Workspace How this ClickFix campaign leads to Redline Stealer Paving the Path: Pooled Audits with Okta Security Building Confidence in Support Comms with Caller Verify at Okta Enabling ISO/IEC 27001:2022 Compliance with Okta Okta’s Secure by Design Pledge - One Year On Leveraging Okta System Logs for Proactive Threat Detection Enhancing Customer Trust Through a Comprehensive Audit Program Okta's new Security Technical Implementation Guide (STIG) A Guide to DORA Compliance with Okta How AI services power the DPRK’s IT contracting scams Detect and Prevent Cross Device Authentication How Responsible Disclosures are Shaping a Safer Cyberspace Cybersecurity’s Next Gen Next.js CVE-2025-29927 CSO Conversations: Matthew Hansen, Regional CSO of Americas West Empowering Security with Customer Trust Solutions Putting Security First with Secure Development One trick finds the root of any Okta troubles CSO Conversations: Stephen McDermid, Regional CSO of EMEA Content-Security-Policy in a Complex Environment CSO Conversations: Keiko Itakura, Regional CSO of Japan How Okta Embraces Identity Verification Using Persona CSO Conversations: Matt Immler, Regional CSO of Americas East Raising the Bar for our Industry with IPSIE Cyber-Safety over the Holidays Okta Social Engineering Impersonation Report - Response and Recommendation Okta’s Ongoing Commitment to Secure By Design Unveiling the Essence of the Security Customer Trust Function Security Education Through the Art of Storytelling Seven Ways to Reduce Super Admins in Okta The Case for Zero Standing Privileges FastPass: The battle-hardened authenticator Detecting Cross-Origin Authentication Credential Stuffing Attacks How to Block Anonymizing Services using Okta Why Cyber-heroes need a Zero Trust CAEP! Okta Verify Vulnerability Disclosure Report - Response and Remediation Defensive Domain Registration is a Mug’s Game Protecting Administrative Sessions in Okta How to Secure the SaaS Apps of the Future Okta October 2023 Security Incident Investigation Closure October Customer Support Security Incident - Update and Recommended Actions Unauthorized Access to Okta's Support Case Management System: Root Cause and Remediation Tracking Unauthorized Access to Okta's Support System Go “Secure by Default” With Custom Admin Roles for IT support staff Cross-Tenant Impersonation: Prevention and Detection BYO Telephony and the future of SMS at Okta Saying “No Thanks” to nOAuth Telling More Okta Detection Stories with Google Chronicle An Unexpected Endorsement for WebAuthn Social Engineering is Getting More Extreme, but the Fixes Can Be Simple Study up on Okta Logs for Splunk’s Boss of the SOC! Keeping Phishing Adversaries Out of the Middle Using Workflows to Respond to Anomalous Push Requests Okta and Splunk Combine to Detect Common Attacks Setting the Right Levels of Assurance for Zero Trust Catch-All's and Canary Rules User Sign-in and Recovery Events in the Okta System Log Okta Code Repositories Detecting Real-Time Phishing Attacks Detecting Real-Time Phishing Attacks Okta’s Response to OpenSSL Security Update Monitoring for Abuse of Administrative Privileges System Log: a Window into Supporting the Okta Cloud The Human Factor in Phishing Resistance Auth0 Code Repository Archives From 2020 and Earlier Phishing Resistance and Why it Matters Detecting Scatter Swine: Insights into a Relentless Phishing Campaign Defending against Session Hijacking Unlocking the Mystery of 700+ Okta System Log Events Official Okta Statement on LAPSUS$ Claims Protection, without perimeters We (still) need to talk about RDP Just How Risky is Legacy Authentication?
Five Reasons to Upgrade your Org to Okta Identity Engine
Carmen Girardin · 2024-11-20 · via Okta Security RSS Feed

Both Okta Customer Identity built to support end users’ digital access needs, and Okta Workforce Identity , built to secure your internal workforce, are OIE-eligible platforms.

Okta’s industry-leading Identity solutions are powered by the same underlying infrastructure. Okta Classic is Okta’s legacy engine and the Okta Identity Engine, or OIE, was introduced for all new customers effective March of 2022.

What is OIE?

Okta’s Identity Engine offers the most modern way to customize your Okta experience and implement flexible, customized Identity use cases. OIE is Okta’s newest improved platform engine, offering a security policy framework designed to align with NIST 80063B and an authentication pipeline that strengthens your identity posture while delivering a superior user experience (UX).

Okta Identity Engine grants Okta administrators increased control for administrators over how applications and resources are both protected and accessed, while maintaining a seamless experience for end users.

Why should you upgrade?

There are numerous security features to configure, customize and leverage in the Okta Identity Engine. Key benefits of upgrading your org include:

1. Accessibility

Upgrading an existing Okta org from Okta Classic’s engine to OIE is a free platform upgrade, meaning there is no additional investment required.

Most features and functionality are available immediately post-upgrade to OIE, and the majority of your existing org configurations will seamlessly migrate. Most upgrades only take a few minutes to complete, with no downtime for admins or end users.

Okta also offers exceptional flexibility for administrators looking to upgrade. Admins can use self-service tools to verify your org’s eligibility, resolve any pending action items, and schedule the upgrade at a time that best suits you. Even better, the upgrade from Okta Classic to OIE can be scheduled for any time during your Okta subscription term.

2. Enhanced authentication

Okta Identity Engine is designed to evaluate more granular context during user authentication, but also make authentication policies much easier to manage.

Application-level sign-on policies that were configured on a per-application basis in Okta Classic can instead be configured for multiple applications at once, or according to the assurance level you require from the user to sign-in, using Okta Identity Engine.

In addition, benefits of OIE authentication include the enabling of modern, true multi-factor authentication (MFA) with different factor types and abstraction through assurance level. MFA possession factor constraints are introduced to further secure your org, including phishing-resistant MFA such as Okta FastPass, hardware protected MFA, and the exclusion of any authentication method by name, if you choose. We recommend higher assurance factors, specifically phishing-resistant authentication.

3. Passwordless

In Okta Classic, the default method of sign-in for any policy required the end user to provide a password, unless avoided via factor sequencing which can pose both flexibility and management challenges. To contribute to a  Zero Trust security framework, OIE enables password-specific capabilities including no password or optional password authentication conditions. Please note that both Okta Classic and OIE support factor sequencing.

OIE global session policies, again configurable for an entire org and not only on a per-application basis, can be tailored to require any factor type(s) used to meet the minimum configured authentication policy requirements, which can exclude a password.

For higher assurance, Okta recommends a combination of multiple factor types, specifically biometrics alongside phishing-resistant MFA such as Okta FastPass or FIDO2. An alternative better suited to Customer Identity flows is a configured email magic link authentication sign-on policy, where end users will receive a URL via email for a click-to-login experience.

4. Device assurance

Okta’s Identity platforms both support native device assurance capabilities and seamlessly integrate with device management technologies to further secure your data, enforcing a Zero Trust security framework. Device trust contextual access management solutions enable orgs to protect sensitive corporate resources by only allowing end users with managed devices to access Okta-integrated applications. 

Benefits of device trust in OIE include advanced security authentication configurations factoring in conditions such as the below, among others in order to increase your device assurance posture:

  • Device OS and/or type, 

  • Device password protection and length,

  • Registration status,

  • Whether the device is jailbroken or rooted.

OIE requires the use of Okta Verify to secure your org’s mobile devices. For more on translating device trust from Okta Classic to OIE, visit our knowledge base.

5. Improved admin experience

Okta’s Identity solutions consider the user experience which includes both end users authenticating and technical administrators of the Okta org. Okta’s administrator console supports efficient, methodical Identity management.

In Okta Classic, the admin console boasts the legacy navigation pane with condensed configuration pages, whereas Okta Identity Engine’s navigation pane introduces additional configuration pages, refined more granularly for ease of administrator use. In addition to the new customizable settings in OIE, certain pages have changed which notably introduce an easy-to-navigate user interface.

As previously highlighted, a key benefit is that application authentication policies in OIE can be configured by administrators and assigned to multiple applications in an Okta org, rather than applications uniquely requiring individual policies.

Upgrade now

Ultimately, to best capitalize on Okta’s powerful Identity platforms and improve your security assurance posture, we strongly recommend upgrading your org from Okta Classic to Okta Identity Engine. The key benefits outlined here represent just a fraction of available functionality, ready for you to customize and leverage in your Okta org.

Visit our helpful resources to get started on the platform upgrade from Okta Classic to Okta Identity Engine, joining over 12,000 customers in taking advantage of the updated security features today. For additional support, register now for our free 1-on-1 OIE office hours.

For new or prospective customers interested in OIE, we invite you to check out Okta’s industry-leading Identity solutions by signing up for a free 30-day trial now! For more on OIE, visit our frequently asked questions.

Carmen Girardin is a Manager, Security Communications at Okta. Backed by over a decade of experience in the fintech sector, Carmen is a proficient technical writer with domain expertise in Identity and Access Management (IAM). She is passionate about delivering engaging, timely customer communications on the cybersecurity ecosystem and the evolving threat landscape, to help our customers gain the most value from Okta. Carmen spends her downtime traveling, thrifting for treasures and reading.