Okta and the OpenID Foundation today announced the formation of an OpenID Foundation working group with Ping Identity, Microsoft, SGNL, and Beyond Identity as the first step towards establishing a new identity security standard, the Interoperability Profile for Secure Identity in the Enterprise [IPSIE]. The vision of this new, open standard is to provide a framework for SaaS companies to enhance the end-to-end security of their products across every touchpoint of their technology stack.

This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20241016143671/en/

Identity Security Standard: Interoperability Profile for Secure Identity in the Enterprise [IPSIE] (Graphic: Business Wire)

Why it Matters:

• Thousands of different applications in the cloud today are built without secure identity.
• Until now, there has never been a framework for SaaS builders to bring together new and existing technologies like SSO, risk signal sharing and session termination.
• We are already working together with leading SaaS providers to embrace this new standard.
• Over 50 leading enterprise SaaS apps including Google, Microsoft Office 365, Slack, and Atlassian have already built features and APIs that support aspects of this future standard.

“Okta is focused on elevating the entire technology industry to be better protected from attacks. Our goal with IPSIE is to standardize identity security and help foster an open ecosystem where building and using enterprise applications that are secure by default is easy for everyone,” said Todd McKinnon, CEO and Co-Founder at Okta. “We are proud to have led the formation of this working group within the OpenID Foundation as we work to standardize identity security and make the world a more secure place.”

What’s New - Identity Security Standard: Interoperability Profile for Secure Identity in the Enterprise [IPSIE]:

Okta is determined to get security right and in order to get security right, you need to get identity right. The future of the industry rests in not just securing identity, but also having a secure identity standard that is open and available to everyone. Okta’s mission has always been to free everyone to safely use any technology and this standard is a step closer to making this a reality.

The formation of the IPSIE working group with OpenID Foundation will enable identity providers, ISVs and public and private sector organizations to integrate identity security across every facet of their ecosystem. In addition to the basics of SSO and MFA, IPSIE will enable organizations to better control governance, entitlements, workflows, authorization, and continuous authentication to detect risk signals effectively and take actions to manage their identity security posture.

To support the integration of critical identity security capabilities into SaaS apps, IPSIE aggregates a set of existing and new standards. These include:

• Single Sign-On: Centralize login, policies, and enforcement
• Lifecycle Management: Secure user on/offboarding and prevent security risks like orphaned accounts and shadow directories to avoid unauthorized access
• Entitlements (Governance/ Privileged Access): Enforce least privilege access and move toward zero standing privileges
• Risk Signal Sharing: Seamless security insights sharing across your entire security ecosystem
• Session Termination: Immediately terminate all user sessions in response to detected threats

By advancing identity security standards and fostering a more open ecosystem, IPSIE empowers organizations to:

1. Gain more complete visibility across the identity threat surface: With more insights into their identity security, organizations can better protect themselves against cyber attacks, ensuring the right access is granted at the right time and enabling real-time responses to breaches.
2. Build secure-by-default SaaS applications more seamlessly and efficiently: Any app built to the standard will adhere to a higher level of security by ensuring that it can be governed, manage entitlements, support MFA, posture management, and real-time universal logout.
3. Drive consistency and flexibility across SaaS: These standards enable consistent security outcomes across SaaS applications. They also allow for simplified compliance and reduced integration challenges that encourage flexibility and choice within an organization’s tech stack.

To further encourage the adoption of IPSIE, Okta is taking integration to the next level with:

• 100+ new integrations across top ISVs: Okta has worked with leading SaaS vendors to build over 125 deep integrations with some of the most widely adopted enterprise applications, including Google, Microsoft Office 365, Slack, and Atlassian. These applications support features which will be included in the standard to better meet the tech ecosystem and customers where they are today, while providing a framework to better protect them in the future.
• Okta Customer Identity Cloud (CIC) will enable every app builder to easily build their applications to be IPSIE-compliant and secure by default: Starting with our new free and self-serve plans all the way to our enterprise plans, developers of any size will be able to use IPSIE-standard features like SSO, MFA, SCIM and Universal Logout.

What’s New - Secure Identity Assessment (SIA):

We know organizations are struggling with identity security debt and how to manage it as they face a multitude of challenges from ensuring compliance, reducing operational complexity, and securing their own infrastructure from breaches.

At Okta, we have a wealth of experience and lessons learned with our internal security debt management program, and bringing critical security debt down to zero. We’re extending this to our customers with the Secure Identity Assessment (SIA), our end-to-end approach to reduce our customers’ identity debt by equipping them with the tools and expertise to identify vulnerabilities like admin sprawl, improve their identity infrastructure, and adopt the strongest possible security posture on an ongoing basis.

SIA combines the best of Okta’s expert advice with identity security controls, training, and certifications to help organizations enhance their overall security posture and lower their identity debt. As part of SIA, Okta provides customers with an Identity Security Checklist to assess vulnerabilities, an Identity Security Maturity Assessment to track security progress, Okta Expert Assist for guided setup and best practices, and Okta Learning with access to instructor-led training and certifications.

The assessment provides:

• Comprehensive Identity evaluation: Identify misconfigurations, orphaned accounts, and security gaps with an expert-driven approach.
• Tailored recommendations: Implement custom remediation plans based on your org’s size, structure, and security needs to address technical debt efficiently.
• Proactive risk reduction: Strengthen your security posture and streamline compliance through actionable insights and periodic assessments.

SIA offers a clear roadmap for reducing identity debt and working towards compliance in a complex regulatory environment. It comes in three flexible service tiers: Premium, where large customers get comprehensive discovery sessions and in-depth analysis; Advanced, offering targeted recommendations and partner-assisted discovery sessions, ideal for mid-sized orgs focused on reducing identity debt; and Essential, where customers can start with self-paced or partner-guided assessments using Okta’s tools—perfect for smaller teams or those seeking a scalable solution.

About Okta

Okta is The World’s Identity Company™. We secure Identity, so everyone is free to safely use any technology. Our customer and workforce solutions empower businesses and developers to use the power of Identity to drive security, efficiencies, and success — all while protecting their users, employees, and partners. Learn why the world’s leading brands trust Okta for authentication, authorization, and more at okta.com.

View source version on businesswire.com: https://www.businesswire.com/news/home/20241016143671/en/