New Delegate Feature in OIG

Okta has recently released a delegate feature in Okta Idenity Governance. This feature allows all governance activity, such as reviewing access requests or access certifications, to another Okta user (optionally for a set period). This article introduces the new feature. IntroductionSetting a DelegationAs an AdministratorAs a UserAccess Requests as the DelegateAccess Certification as the DelegateDelegate … Continue reading New Delegate Feature in OIG →

The New Unified Requester Experience in OIG

This article introduces the new Access Requests - Unified Requester Experience that is currently rolling out as an Early Access feature in Okta Identity Governance (OIG). The Background As Okta was building its new Identity Governance and Administration (IGA) product, it acquired a company to provide what would become the Access Requests component of Okta … Continue reading The New Unified Requester Experience in OIG →

Privileged Access Management for Microsoft Active Directory with Okta

Microsoft Active Directory is pervasive across industry, and thus a common target for hackers, particularly with the abundance of privileged accounts. In this article we look at how the Okta Workforce platform can use different approaches to managing privileged access and reducing the risk of these accessed. It includes just-in-time provisioning of access and dynamic … Continue reading Privileged Access Management for Microsoft Active Directory with Okta →

A Brief Intro to SoD with OIG

Okta has just released a separation of duties feature into Okta Identity Governance. This article provides a brief introduction to the feature. IntroductionConfiguring SoD RulesRequesting Access with SoD ChecksRecertifying Access with SoD ViolationsReporting with SoDConclusion Introduction Separation of Duties (or Segregation of Duties, or more commonly SoD) has been a standard control for identity governance … Continue reading A Brief Intro to SoD with OIG →

Importing Entitlements for Disconnected Apps in OIG

Okta recently introduced a new feature into Okta Identity Governance for importing users and entitlements for disconnected apps via a CSV import. This article explores the new feature. IntroductionConfigurationStep 0 - Enable the FeatureStep 1 - Create New App Instance in OktaStep 2 - Define additional app user profile attributesStep 3 - Enable the Governance … Continue reading Importing Entitlements for Disconnected Apps in OIG →

An Introduction to Resource Collections in OIG

This article introduces the new Resource Collections feature in Okta Identity Governance, looking at how collections are defined, requested and reviewed. Introduction Okta has introduced a new feature into Okta Identity Governance (OIG) called Resource Collections (or sometimes referred to as just Collections). They are a way to define a role that spans different entitlements … Continue reading An Introduction to Resource Collections in OIG →

Reduce Risk through Governance for Okta Administrators

In this article we explore the different patterns for associating users with administrative roles and how we can reduce the risk around these using governance. There are multiple articles listing the controls that should be applied to the administrative access in Okta, but this article will focus on the governance controls. Introduction Okta administration is … Continue reading Reduce Risk through Governance for Okta Administrators →

Governance for Okta Privileged Access Server Resources

This document describes the approach and mechanism to run a certification campaign to review Okta Privileged Access Resource (Server) access. Introduction Overview The Aim of the Solution How the Solution is Built Building Okta Privileged Access Sync Connector OPA Data Sync Steps Step 1: Okta Application Setup Step 2: Setup Workflow Step 2.1 Create Connections … Continue reading Governance for Okta Privileged Access Server Resources →

The Combined Power of Okta Privileged Access and Okta Identity Governance

This article looks at the benefits of combining Okta Privileged Access with Okta Identity Governance to reduce the risk of using privileged accounts and access. IntroductionUsing Okta Identity Governance to Enhance Okta Privileged AccessJust-in-time Access ApprovalAccess Requests for OPA AccessAccess Certification for OPA AccessEnhancing the Information Available to ReviewersLeveraging Okta WorkflowsSaaS Service Accounts and OIN … Continue reading The Combined Power of Okta Privileged Access and Okta Identity Governance →

New Features for the Access Request Conditions and Resource Catalog in Okta Identity Governance

Two new features have been introduced into the Access Request Conditions and Resource Catalog (aka RCAR) feature in Okta Identity Governance - Request on Behalf Of, and User-specified Access Duration. This article introduces these new features. Request On Behalf Of Okta Identity Governance introduced the ability to request access on behalf of another user into … Continue reading New Features for the Access Request Conditions and Resource Catalog in Okta Identity Governance →