Leveraging Adaptive Auth and Device Trust for Enhanced Security and Compliance

Similar documents
Securing Your Salesforce Org: The Human Factor. February 2016 User Group Meeting

Oracle Buys Palerra Extends Oracle Identity Cloud Service with Innovative Cloud Access Security Broker

Tech Data s Acquisition of Avnet Technology Solutions

Cloud is the 'Only' Way Forward in Information Security. Leveraging Scale to Make the Unknown Known, in Dev, Sec & Ops.

The SANS Institute Top 20 Critical Security Controls. Compliance Guide

Best Practices in Securing a Multicloud World

Now Platform Technology Deep Dive

Investor Overview 2018

Security Information & Policies

10 FOCUS AREAS FOR BREACH PREVENTION

Build Data-rich Websites using Siteforce

The Oracle Trust Fabric Securing the Cloud Journey

SECURITY & PRIVACY DOCUMENTATION

EXTENDING BEHAVIORAL INSIGHTS INTO RISK-ADAPTIVE PROTECTION & ENFORCEMENT

This presentation and the documents incorporated by reference herein contain forward-looking statements regarding future events and our future

LEADING WITH GRC. Common Controls Framework. Sundar Venkat, Sr. Director Technology Compliance Salesforce

CARBONITE 2015 THIRD QUARTER FINANCIAL RESULTS OCTOBER 28, 2015

Mobile Devices prioritize User Experience

SDL Privacy Policy Cloud Services

Investor Presentation. February 2016

Privilege Security & Next-Generation Technology. Morey J. Haber Chief Technology Officer

TRACKING & MARKETING CLOUD REPORTS

No Country for Old Security Compliance in the Cloud. Joel Sloss, CDSA Board of Directors May 2017

The Etihad Journey to a Secure Cloud

RADIAN6 SECURITY, PRIVACY, AND ARCHITECTURE

How NOT To Get Hacked

Enabling a Multicloud World. Kip Compton VP, Cloud Platform & Solutions Group December 4,

Google Cloud & the General Data Protection Regulation (GDPR)

Fencing the Cloud. Roger Casals. Senior Director Product Management. Shared vision for the Identity: Fencing the Cloud 1

RSA NetWitness Suite Respond in Minutes, Not Months

The Need For A New IT Security Architecture: Global Study On The Risk Of Outdated Technologies

ISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002

Combating Cyber Risk in the Supply Chain

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

Good Fences Make Good Neighbors: Rethinking Your Cloud Selection Strategy

Seagate Point of View Cloud and Data Center Trend

Trusted Identities. Foundational to Cloud Services LILA KEE CHIEF PRODUCT OFFICER GLOBALSIGN

Data Security and Privacy at Handshake

Mobile Security Overview Rob Greer, VP Endpoint Management and Mobility Product Management Dave Cole, Sr. Director Consumer Mobile Product Management

OpenText Buys Guidance Software

Effective Strategies for Managing Cybersecurity Risks

SOC 3 for Security and Availability

QuickBooks Online Security White Paper July 2017

Qlik Sense Security. Understand security basics of the new Sense platform. 14 October, 2014 Magnus Berg Master Principal Enterprise Architect

Integrating Okta and Preempt Detecting and Preventing Threats With Greater Visibility and Proactive Enforcement

First Look Showcase. Expanding our prevention, detection and response solutions. Sumedh Thakar Chief Product Officer, Qualys, Inc.

BlackBerry to Acquire Cylance

Keep the Door Open for Users and Closed to Hackers

DevOps Anti-Patterns. Have the Ops team deal with it. Time to fire the Ops team! Let s hire a DevOps unit! COPYRIGHT 2019 MANICODE SECURITY

the SWIFT Customer Security

RAPID7 INFORMATION SECURITY. An Overview of Rapid7 s Internal Security Practices and Procedures

Building Trust in the Era of Cloud Computing

Mastering The Endpoint

Un SOC avanzato per una efficace risposta al cybercrime

CIAM: Need for Identity Governance & Assurance. Yash Prakash VP of Products

Zero Trust with Okta: A Modern Approach to Secure Access from Anywhere. How Okta enables a Zero Trust solution for our customers

Accelerate GDPR compliance with the Microsoft Cloud Agustín Corredera

Best Practices in Securing Your Customer Data in Salesforce, Force.com & Chatter

Custom Metadata Types

Netwrix Auditor for SQL Server

Google Identity Services for work

THE ROAD TO DIGITAL TRANSFORMATION

Artificial Intelligence Drives the next Generation of Internet Security

Encryption Vision & Strategy

A Practical Step-by-Step Guide to Managing Cloud Access in your Organization

Information Security Policy

Security Architecture

INTO THE CLOUD WHAT YOU NEED TO KNOW ABOUT ADOPTION AND ENSURING COMPLIANCE

Presenter(s): Greg Hill. Topic Experience Actionable Data with Mirth. Level 200

To the Designer Where We Need Your Help

BEYOND CJIS: ENHANCED SECURITY, NOT JUST COMPLIANCE

Cybersecurity The Evolving Landscape

Investor Presentation February 2019

Teradata and Protegrity High-Value Protection for High-Value Data

Maximum Security with Minimum Impact : Going Beyond Next Gen

Building an Effective Threat Intelligence Capability. Haider Pasha, CISSP, C EH Director, Security Strategy Emerging Markets Office of the CTO

Oracle bakes security into its DNA

Traditional Security Solutions Have Reached Their Limit

Webtrends Inc. Service Organization Controls (SOC) 3 SM Report on the SaaS Solutions Services System Relevant to Security

DONE FOR YOU SAMPLE INTERNET ACCEPTABLE USE POLICY

EBOOK 4 TIPS FOR STRENGTHENING THE SECURITY OF YOUR VPN ACCESS

5348 Vegas Drive Las Vegas, NV 89108, U.S.A. Tel: ; Fax: Website:

RMS(one) Solutions PROGRESSIVE SECURITY FOR MISSION CRITICAL SOLUTIONS

Digital Renewable Ecosystem on Predix Platform from GE Renewable Energy

SECOPS: NAVIGATE THE NEW LANDSCAPE FOR PREVENTION, DETECTION AND RESPONSE

Cyber Criminal Methods & Prevention Techniques. By

Cyber Threat Landscape April 2013

Service Description VMware Workspace ONE

Performing a Vendor Security Review TCTC 2017 FALL EVENT PRESENTER: KATIE MCINTOSH

The simplified guide to. HIPAA compliance

Inside Symantec O 3. Sergi Isasi. Senior Manager, Product Management. SR B30 - Inside Symantec O3 1

Making your Application Social with the Chatter API

SOLUTION BRIEF HELPING BREACH RESPONSE FOR GDPR WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE

Building Mobile Force.com Apps for the iphone and ipad

Allot Corporate Presentation

SOLUTION BRIEF RSA NETWITNESS PLATFORM ACCELERATED THREAT DETECTION & AUTOMATED RESPONSE FROM THE ENDPOINT TO THE CLOUD

Cybersecurity Risk Mitigation: Protect Your Member Data. Introduction

Cincinnati Bell Inc. March 4, 2013

Modern Database Architectures Demand Modern Data Security Measures

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Transcription:

Leveraging Adaptive Auth and Device Trust for Enhanced Security and Compliance CHRISTOPHER NIGGEL, DIRECTOR OF SECURITY & COMPLIANCE SWAROOP SHAM, SR PRODUCT MARKETING MANAGER, SECURITY

CHRIS NIGGEL Director of Security & Compliance, Okta

Disclaimer This presentation contains forward-looking statements within the meaning of the safe harbor provisions of the Private Securities Litigation Reform Act of 1995, which may include, but are not limited to, statements regarding our financial outlook, product development and market positioning. These forward-looking statements are based on current expectations, estimates, forecasts and projections. Words such as expect, anticipate, should, believe, hope, target, project, goals, estimate, potential, predict, may, will, might, could, intend, shall and variations of these terms or the negative of these terms and similar expressions are intended to identify these forward-looking statements. Forwardlooking statements are subject to a number of risks and uncertainties, many of which involve factors or circumstances that are beyond Okta s control. In particular, the following factors, among others, could cause results to differ materially from those expressed or implied by such forward-looking statements: the market for our products may develop more slowly than expected or than it has in the past; quarterly and annual operating results may fluctuate more than expected; variations related to our revenue recognition may cause significant fluctuations in our results of operations and cash flows; assertions by third parties that we violate their intellectual property rights could substantially harm our business; a network or data security incident that allows unauthorized access to our network or data or our customers data could harm our reputation, create additional liability and adversely impact our financial results; the risk of interruptions or performance problems, including a service outage, associated with our technology; we face intense competition in our market; weakened global economic conditions may adversely affect our industry; the risk of losing key employees; changes in foreign exchange rates; general political or destabilizing events, including war, conflict or acts of terrorism; and other risks and uncertainties. Past performance is not necessarily indicative of future results. Further information on potential factors that could affect our financial results is included in our Annual Report on Form 10-K for the year ended January 31, 2018 and other filings or reports filed with the Securities and Exchange Commission that are posted at investor.okta.com. Any unreleased products, features or functionality referenced in this or other presentations, press releases or public statements are not currently available and may not be delivered on time or at all. Product roadmaps do not represent a commitment, obligation or promise to deliver any product, feature or functionality. Customers who purchase our products should make their purchase decisions based upon features that are currently generally available. The forward-looking statements contained in this presentation represent the Company s estimates and assumptions only as of the date of this presentation. Okta assumes no obligation and does not intend to update these forward-looking statements whether as a result of new information, future events or otherwise. This presentation contains estimates and other statistical data that we obtained from industry publications and reports generated by third parties. These data involve a number of assumptions and limitations, and you are cautioned not to give undue weight to such estimates. Okta has not independently verified the statistical and other industry data generated by independent parties and contained in this presentation and, accordingly, Okta cannot guarantee their accuracy or completeness. Expectations, estimates, forecasts and projections are subject to a high degree of uncertainty and risk. Many factors, including those that are beyond Okta s control, could cause results or outcomes to differ materially from those expressed in the estimates made by the independent parties and by Okta.

Privacy by design Trust is our number one value Okta was born in the cloud Our approach to data privacy is simple: Customers own their data Okta only uses data to provide our service We keep our customers data safe and secure

Our approach to security Offensive security Defensive security Trust and compliance

Offensive Security Peer code reviews Security Research 65,000+ automated unit, acceptance, and security tests OWASP Top 10 and SANS Top 20 Internal and external penetration testing teams Secure code training

Defensive Security Organization-level Encryption Need-to-know access Hardened endpoints Monitoring and Detection Incident Response Industry Breach Reviews

Trust and Compliance Highly available Architecture Region-specific storage Okta on Okta Strong Access Controls Multiple Industry Certifications SOC2, ISO 27001, CSA STAR, HIPAA, FedRAMP

Don t take my word for it Audit Reports available to customers 3 rd Party Pen test reports Public Bug Bounty Program Customer Pen Testing

Your partner in security Gain visibility into the cloud landscape Make security mobile Use automation to quickly react

SWAROOP SHAM Sr. Product Marketing Manager, Security, Okta

Building for Security and Compliance

Building for security and compliance Context Okta ThreatInsight Okta Service Security & Compliance *ThreatInsight is expected to be available in the second half of 2018

Okta ThreatInsight: Aggregated data powering security Financially Motivated Attackers National State Attackers Password Stuffing Phishing Script Kiddies Social Engineering Brute Force Attacks Password Spraying Ingest Intelligence and Identify Attackers Okta ThreatInsight Okta Threat Insight: Conditional Access Control *ThreatInsight is expected to be available in the second half of 2018

Okta ThreatInsight: Aggregated data powering security User Identifier IP Address Strong Authentication Policies Anomaly Detection Application Incident Enrichment

Building for security and compliance Context Okta Threat Insights User Network Device App Location Okta Service Security & Compliance *ThreatInsight is expected to be available in the second half of 2018

Adaptive authentication: Context Group/Role User agent Lat/Lon In-Network IP Sensitive data Bad IPs Login velocity Device fingerprint Country Out-Network IP User group Malicious user behavior Work location Devices per user State Proxy Working hours Managed City Anonymizer Typing speed Known device Prohibited country Known bad IPs Concurrent login Secure device Auth. method

Building for security and compliance Context Okta Threat Insights User Network Device Rule Based Policy Engine App Location Risk Based Okta Service Security & Compliance *ThreatInsight is expected to be available in the second half of 2018

Match authentication to the risk observed from context Login within High known Login working Velocity hours Known New Device Same New Location In-Network New IP IP AWS O365 S3 Not a Suspected suspected IP IP Same location Same device Login within working hours, Same device, New location, New IP High login velocity, New device, New location, New IP, Suspected threat IP Low High Low High Low High Password **** ** Okta Verify with Push Okta Verify + U2F 20

Adaptive authentication: Customize response based on context Context Response Okta Threat Insights User Network Device Rule Based Policy Engine Respons e Response App Location Risk Based Okta Service Security & Compliance *ThreatInsight is expected to be available in the second half of 2018

Secure passwordless experience User in Office Logs in using company issued laptop Prompted for OV Successfully logs in Accesses O365 No auth req d No auth req d No auth req d Accesses O365 and other apps Logs into Box using company issued laptop User at home This is a user who is known to login only from 2 locations office and home Using an Okta issued laptop or his personal iphone for which we have identified the fingerprints

User experience User in Office Logs in using company issued laptop Prompted for OV Successfully logs in Accesses O365 No auth req d Prompted Okta Verify with Push Tries to access Outlook after x hours/min Successfully logs in Prompted Okta Verify with Push New IP SFDC Accesses SFDC using company issued device User goes to an airport This is a user who travels frequently and doesn t have a known location other than office and home Using an Okta issued laptop/ipad or his personal iphone for which we have identified the fingerprints New session interval changes to x hours once a public IP or an unknown IP is encountered

Response: Use authentication factors of choice Select your method of authentication(s) Choose factors other than password Select your criteria Flexibility to prompt for stronger authentication factors for high risk use cases

Secure passwordless authentication

APPLICATIONS ENFORCEMENT ORCHESTRATION Workflow Orchestration Network Security App Delivery Applications Analytics CASB API Mgmt IaaS

Building for security and compliance: Key takeaways 1 Security and compliance by design 2 Risk-based contextual access and response 3 Enforcement and visibility across all applications

Thank You

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback