Unlocking Workday Security Groups Governance: Integrating Okta OIG with Custom Workflows and Universal Directory

Introduction Today, safeguarding organizational assets and ensuring compliance with regulatory standards are paramount concerns for businesses of all sizes. Within this context, the integration of Workday's security groups with Okta Identity Governance (OIG) emerges as a critical need, given the central role these platforms play in managing employee data and access privileges. However, there is … Continue reading Unlocking Workday Security Groups Governance: Integrating Okta OIG with Custom Workflows and Universal Directory →

OIG Entitlement Management Videos on YouTube

Some colleagues have recently published a set of videos on YouTube (okta channel) highlighting some of the features of the new Entitlement Management capability in Okta Identity Governance (see out Entitlement Management page for more information on the product). Most of the videos will show up by searching for "entitlement" and "okta" (https://www.youtube.com/results?search_query=entitlement+okta). It may … Continue reading OIG Entitlement Management Videos on YouTube →

Okta Privileged Access – Determining and Highlighting Risk in Roles and Policies

Okta Privileged Access provides a flexible framework for controlling who can access what privileged resources and how. This includes resource groups for managing resources, security policies for controlling access, administrative roles to manage them, and principals to use them. Invariably configuring the PAM solution will introduce risk. But how to monitor and manage the risk … Continue reading Okta Privileged Access – Determining and Highlighting Risk in Roles and Policies →

Okta Privileged Access and Access Certification – Getting Roles into the Group Description

As with many SaaS applications in Okta, application entitlement can be managed via Okta Groups pushed to Okta Privileged Access (OPA). This means membership in OPA policies and roles is based on Okta Group membership and thus can be governed by access requests and access certification for those groups. In this article we look at … Continue reading Okta Privileged Access and Access Certification – Getting Roles into the Group Description →

User Access Reviews in Okta Identity Governance

This article explores the new user campaign (User Access Review) feature in Okta Identity Governance (OIG) Access Certifications. IntroductionSetting Up a User CampaignGeneral Set UpUsers SelectionResources StepReviewer StepRemediation StepRunning a User CampaignLaunching the CampaignCampaign ReviewMonitoring, Managing and ReportingConclusion Introduction The ability to build and run access certification campaigns against resources in Okta (groups and applications) … Continue reading User Access Reviews in Okta Identity Governance →

New Reviewer Options in OIG Access Certification

There was a recent change to the reviewer selections for Okta Identity Governance (OIG) Access Certification to allow for more options and to simplify the administrative experience. The feature is currently an Early Access feature (the "Reviewer Assignment" enhancement) that can be turned on in an OIG-enabled Okta org. It will roll into production over … Continue reading New Reviewer Options in OIG Access Certification →

Risk-Based Application Certification in OIG

If you were at Oktane22, or have listened to the Oktane22 roadmap sessions, you will know risk and use of risk signals is a key focus for Okta going forward. This includes leveraging risk in Okta Identity Governance (OIG), to help make access requests and access certification more effective. But can you leverage risk today? … Continue reading Risk-Based Application Certification in OIG →

OIG – Triggering Workflows From Access Certification Reviews

Okta Identity Governance (OIG) provides an access certification component for reviewing users and their access. When reviewing access, a reviewer (such as a users manager) can approve or revoke the access (or reassign). With the revoke action, the access certification campaign can be configured to automatically remove access or do nothing (i.e. leave the access … Continue reading OIG – Triggering Workflows From Access Certification Reviews →

Access Certification – Helping Reviewers Decide whether to Approve or Revoke Access

The user interface, and general user experience, has been a challenge with Identity Governance and Administration (IGA) products for many years. Unlike many IT products, IGA solutions are used by all business users and need an easy to use and understand interface. This is particularly so with Access Certifications - business owners (like managers or … Continue reading Access Certification – Helping Reviewers Decide whether to Approve or Revoke Access →

OIG – Certification for External System Entitlements

A common ask for Okta Identity Governance (OIG) is to be able to do access certification on external application data. Currently OIG can only run campaigns on objects (group memberships and application assignments) in the Okta Universal Directory (UD). Importing of external system entitlements is on the product roadmap. But with some understanding of the … Continue reading OIG – Certification for External System Entitlements →