Smarter Access Control: A Deep Dive into Okta Authentication Policies and Related Elements

>_this article is based on the okta SSO and adaptive MFA License Authentication policies in Okta provide a flexible and powerful way to control how users access applications and services. By defining specific conditions—such as user group membership, device trust level, location, or network—administrators can enforce tailored authentication requirements like multifactor authentication (MFA) or passwordless … Continue reading Smarter Access Control: A Deep Dive into Okta Authentication Policies and Related Elements →

Factor Sequencing on OIE: Authentication Method Chains

When OIE was released it championed assurance levels rather than specific authenticators. This provided a better experience for the majority of users and administrators. This ease of use came at the cost of easily being able to specify specific factors or factor orders which some customers required typically for compliance or regulatory reasons. Many of … Continue reading Factor Sequencing on OIE: Authentication Method Chains →

MFA Can Now Be Applied to Secret Access Policy in Okta Privileged Access

Okta Privileged Access (OPA) has had the option to turn on Multifactor Authentication (MFA) for server access policy for some time. This has now been extended to cover secret access policy. If you have worked with OPA Policy Rules for Secrets you will be familiar with the following that shows the permissions that can be … Continue reading MFA Can Now Be Applied to Secret Access Policy in Okta Privileged Access →

Advanced Server Access PLUS step-up MFA for sudo with RADIUS

Okta’s Advanced Server Access (ASA) eliminates password and SSH-key challenges with just-in-time, ephemeral certificates, improving security and user experience. While ASA doesn’t support transactional MFA, Okta’s RADIUS agent with the libpam_radius module enables sudo step-up MFA. The guide details RADIUS agent setup, server configuration, and sudo entitlement adjustments for enhanced security.

Get your Fact(or)s Straight!

MFA, Passwordless and Phishing Resistance are all terms we are hearing more and more lately. MFA usage has nearly doubled since 2020 according to Okta's recent Secure Sign in trends report discussed here Unfortunately there is a lot of confusion around what these terms and more basic ones like Factors and Authenticators actually represent. This … Continue reading Get your Fact(or)s Straight! →

Top 3 Actions for Technologists to help maximise the value of your businesses cyber security insurance

I recently had the privilege of organizing a knowledge-sharing webinar, where we brought together a panel of cyber security insurance (CSI) experts. Our discussion revolved around the present and future state of the industry, and I gained a wealth of valuable insights along the way which inspired this blog. One of the prevailing themes during … Continue reading Top 3 Actions for Technologists to help maximise the value of your businesses cyber security insurance →

How 3rd Party Partners can relay/forward the actual origin IP using the Okta Factor APIs

Enrich the Okta Verify Location context using the actual end user's location