Okta, an identity and access management (IAM) provider, has announced plans to increase its investment in security and has launched a Secure Identity Commitment. The commitment includes four key initiatives: solidifying its position as a market leader, promoting best practices around identity, elevating the identity sector, and strengthening its own infrastructure. This decision comes after Okta experienced a series of cyber attacks, including high-profile compromises of prominent Las Vegas casino operators. The organization recognizes the need to help its customers adopt best practices in identity management and prevent future attacks on its products. Okta’s EMEA Chief Information Security Officer, Stephen McDermid, stresses the importance of being at the forefront of addressing these issues. The attacks on Okta’s customers originated from hackers breaking into an employee’s personal Google account and stealing credentials. In response, Okta launched Project Bedrock, suspending all functional development for 90 days to focus solely on security. McDermid acknowledges Okta’s position as a market leader and the continuous threat it faces, emphasizing the necessity of being prepared for evolving attack methods. As a result of Project Bedrock, Okta has made improvements to its security measures, including session time-outs for administrators and restrictions on support case access for admins. Okta is also focusing on enhancing its customer outreach and communication, aiming to create a more transparent relationship with its customers. McDermid has held numerous calls with customers to address the incident and provide reassurance that Okta is committed to improving its own security and supporting its customers. While the experience has not been ideal, McDermid notes that the majority of customers understand that such incidents can occur.
Menu
