Okta drives a new trajectory for directories

Cloud identity authentication specialist Okta has used its Oktane 2017 conference and exhibition to extend the capabilities of its Okta Identity Cloud platform.

To clarify, the firm now brings forward advancements designed to power a new independent directory standard and integration ecosystem.

Before we explain what these things mean, let’s also note that the updates here include a Lightweight Directory Access Protocol (LDAP) interface for Okta Universal Directory, an expanded, richer Okta Integration Network, automated access for customers and partners and end-to-end auditing.

What’s all this directory direction?

So hang on, the ‘problem’ here is that firms who specialise in directory technologies are often so keen to tell you about updates, they forget to explain what role they play.

A directory in this sense (and Okta Universal Directory (UD) specifically here) is a platform that delivers user profiles and fine-grained control over how attributes flow between applications. This enhancement is supposed to make it easier for organisations to create and maintain a single source of truth for their users, enabling secure authentication and provisioning scenarios.

Going deeper, as defined by TechTarget, LDAP (Lightweight Directory Access Protocol) is a software protocol for enabling anyone to locate organisations, individuals and other resources (such as files and devices in a network), whether on the public Internet or on a corporate intranet.

“While the benefits of the cloud have been well established for years, many organisations are still unable to take full advantage of new services due to their reliance on legacy infrastructure, which adds complexity and cost to implement and use,” said Eric Berg, chief product officer at Okta. “Modern IT requires a dynamic system that can help [it] match the racecar pace of technology innovation.”

These extensions are intended to make it easier for software application developers and IT administrators to manage the breadth of on-premises and cloud-based applications, devices… and people, all involved in modern business.

Updates to the Okta Identity Cloud include the news that Okta now allows LDAP-enabled applications to authenticate directly against Okta Universal Directory. This (so says Okta) eliminates the need for on-premises directories for small and mid-sized organisations.

According to Okta, “Cloud and mobile IT teams can authenticate developer tools, databases, or other legacy apps and can effectively use Okta Universal Directory as their core directory. Enterprises can accelerate their move off legacy on-prem directories, replacing them with Okta Universal Directory as the connection point to traditional LDAP-enabled applications such as Atlassian on-prem, Github on-prem, and popular VPNs.”

Solar energy company and Okta customer Vivint Solar has explained that it uses the Okta Identity Cloud to push in-house and third-party developed tools through its cloud-hosted environment to 4,500 employees throughout the company.

“Universal Directory provided us with one place to manage our users, groups and devices from any number of sources. Since starting with Okta, we have added more than 20 apps,” said Mark Trout, CIO and CTO at Vivint Solar.

Okta has also expanded and deepened the set of integrations to the Okta Identity Cloud, providing a unified identity layer across diverse business networks and systems and new solutions around workflow management, business analytics, security automation and hybrid IT.

Through integrations with technology partners such as Palo Alto Networks, F5, IBM QRadar, and Splunk, the Okta Integration Network offers joint solutions to solve the breadth of challenges that IT departments face moving to the cloud.

The company is also extending the Okta Lifecycle Management service with self-service registration and lifecycle policies that enable IT to automate access for external users such as customers or partners, from registration to audit.

Automation advancements

Essentially this is all about enhancing the amount of automation in the product itself… if a new set of partners (or any other kind of user) were to start using Okta, then automation takes the form of self-service registration, which is very time consuming.

Along with rogue account detection, these are the layers that put the A in Adaptive for the Okta Adaptive Multi-Factor Authentication product, claimed CEO Todd McKinnon at the firm’s Okta Oktane 2017 conference this year.

This is a story that is still crystallising and developing, i.e. developers don’t traditionally care about identity and access authentication issues too much, but specialists in this space are trying hard to change that.