Leveraging Zero Standing Privileges and Shared Account Access with Okta Privileged Access

We all appreciate that a Zero Standing Privileges model is the best approach when it comes to privileged access - if a compromised account doesn't have standing privileges, then the attacker is limited in what they can do. But the reality for many organisations is that there are still shared accounts with elevated privileges that …

Introducing Secrets Management in Okta Privileged Access

This article explores the new secrets management capability within Okta Privileged Access. Contents: Introduction to Secrets Management; The Vault, Secrets and Folders; Resource Administration and Security Policy; An Example of Generic Secrets Management; The configuration in Okta and Okta Privileged Access; Okta Users and Groups; Resource Groups and Projects; Defining Top-Level Folders as the SecretAdmin; Define Secrets Policies; Managing Folders and Secrets; User (Linux Sysadmin) View; Conclusion …

Okta Privileged Access – A Look at the Data Model

This article provides a simplified view of the data model used in Okta Privileged Access (OPA). Contents: An Overview; Directory Objects; Resource Administration Objects; Security Administration Objects; Summary. Note that this is a logical view of data objects and their relationships, and the term "object" is used very loosely (more like data types). Also this is based on the current …

Okta Privileged Access – A Technical Introduction

The new Okta Privileged Access product was featured in the recent Oktane23 conference. The product is currently (Oct 23) in early access with General Availability expected in Dec 23. This article is a brief technical overview of Okta Privileged Access (OPA) looking at the components and functions of the product. It is written to provide …

IGA and PAM – Managing Identities in a Red Hat OpenShift Environment

You might have missed it as there wasn’t a lot of press, but IBM recently acquired a small startup called Red Hat. As with many IBMers, I have been on a steep learning curve to understand the capabilities this brings. As an interesting exercise, I thought I’d treat the OpenShift stack as an identity project …