This page highlights the articles on this blog that relate to Okta’s Privileged Access Management (PAM) products. These comprise the older Okta Advanced Server Access (ASA) product and the new Okta Privileged Access (OPA).
If you want to see just articles relating to the two products, go to the Okta Privileged Access (OPA) page or the Advanced Server Access (ASA) page. Or you can just click the relevant category listed to the right of this page.
PAM-Related Articles
The most recent PAM-related articles are:
Okta Privileged Access: How to Backup and Restore
This article is to help with Backup and Restore process for Okta Privileged Access (OPA) components managed and maintained outside of the Okta infrastructure. Backing up your Okta PA server agent and Gateway configurations is a proactive safeguard against downtime, and other unwanted negative impacts to your business. OPA does not have capabilities to back…
Okta Privileged Access : User Identity Creation alert
This article is to send a notification to the security team if a new user id is being created on any Okta PA protected resources. This will help the security team to identify new identities directly created on protected servers which are not discovered and being managed by the vault in Okta Privileged Access -…
Okta Privileged Access – Determining and Highlighting Risk in Roles and Policies
Okta Privileged Access provides a flexible framework for controlling who can access what privileged resources and how. This includes resource groups for managing resources, security policies for controlling access, administrative roles to manage them, and principals to use them. Invariably configuring the PAM solution will introduce risk. But how to monitor and manage the risk…
Okta Privileged Access and Access Certification – Getting Roles into the Group Description
As with many SaaS applications in Okta, application entitlement can be managed via Okta Groups pushed to Okta Privileged Access (OPA). This means membership in OPA policies and roles is based on Okta Group membership and thus can be governed by access requests and access certification for those groups. In this article we look at…
Okta Privileged Access and the Reports API – Who has Access to What and How?
With the release of Okta Privileged Access, an API has also been released to provide programmatic access into objects managed by it, such as servers, secrets and gateways. There is a set of Access Reports APIs to allow for external reporting on who has access to what and how. This article explores the APIs, the…
Leveraging Zero Standing Privileges and Shared Account Access with Okta Privileged Access
We all appreciate that a Zero Standing Privileges model is the best approach when it comes to privileged access – if a compromised account doesn’t have standing privileges, then the attacker is limited in what they can do. But the reality for many organisations is that there are still shared accounts with elevated privileges that…
Introducing Secrets Management in Okta Privileged Access
This article explores the new secrets management capability within Okta Privileged Access. Introduction to Secrets Management A key feature of the new Okta Privileged Access product is the introduction of a vault to securely store credentials (or secrets). With the initial release of the product this unlocks two critical use cases: This article will explore…
Okta Privileged Access and Okta Access Requests
Okta Privileged Access (OPA) leverages with wider Okta Workforce Identity Cloud capabilities for many use cases. One of these integrations is with the Okta Access Requests components, that comes as part of the Okta Identity Governance (OIG) product, but also ships in a limited form with OPA. This article explores the two common use cases:…
Okta Privileged Access – A Look at the Data Model
This article provides a simplified view of the data model used in Okta Privileged Access (OPA). Note that this is a logical view of data objects and their relationships, and the term “object” is used very loosely (more like data types). Also this is based on the current Early Access product and may change with…
Okta Privileged Access – A Technical Introduction
The new Okta Privileged Access product was featured in the recent Oktane23 conference. The product became Generally Available on Dec 1 2023. This article is a brief technical overview of Okta Privileged Access (OPA) looking at the components and functions of the product. It is written to provide a backdrop for future material looking at…