This week we joined more than 2,500 IT pros, cloud experts and developers at Oktane17 in Las Vegas to showcase our Credential Providers designed specifically for the Okta environment.
This solution originated when Okta requested that we develop a custom application for their customers that would help them with secure authentication into their sensitive systems. It was an understandable request. One of the most common problems that continues to afflict IT departments is the need to securely reset passwords or unlock accounts on Windows systems.
So, to ease this burden for IT professionals, we developed an integration with Okta that provides both multi-factor authentication (MFA) and password reset functionality in one Credential Provider.
The Lieberman Software Okta Credential Provider
With this Credential Provider, organizations can enhance their cloud-based Okta Single Sign On (SSO) service with custom on-premises Windows GINA applications for Okta. The Credential Provider combines two single-function applications: the Self-Service Password Reset Credential Provider and the MFA Credential Provider.
- Self-Service Password Reset Credential Provider enables users to reset their passwords or unlock their accounts on Windows workstations or servers from the Windows desktop login. This feature directs users to their corporate Okta SSO page. From there, they can securely reset their without involving the Help Desk.
- MFA Credential Provider requires end-users to utilize Okta MFA when logging into Windows systems. This adds an additional layer of security for sensitive servers by prompting users to authenticate with something they know (such as a username and password) along with something they have (such as an Okta Verify password).
Securing Systems Against Compromised Credentials
We were joined at Oktane 17 by our partner VeriClouds. Our Credential Provider leverages their technology to prevent known compromised passwords from being used. If a user attempts to log into a system with a compromised credential, the login can be blocked until the password is reset. That stops compromised users from accessing sensitive systems.
Passwords are high value assets for cyber attackers. Targeted phishing attacks, key loggers and brute force attacks are commonly used to steal the credentials that intruders need to gain access to sensitive systems. According to Verizon’s 2017 Data Breach Investigations Report, “80% of hacking-related breaches leveraged either stolen passwords and/or weak or guessable passwords.”
Jane Grafton, our Director of Marketing, is the one who heads up our Okta partnership. She was at Oktane 17 and had this to say about the reception of our Credential Provider at the show: “It’s very satisfying to cook something up and have it exceed your expectations. That’s how I feel about our relationship with Okta. We cooked up these applications for their customers and the recipe has been so well received we’re getting lots of hungry, satisfied customers.”
“It’s a true win-win-win: for Lieberman Software, for Okta, and for our mutual customers.”
Securing the “Other” Accounts
We also fielded a lot of inquiries from Okta users during the show who’d heard that we can help protect their powerful privileged identities. Okta is great for securing user accounts, but what about “the other accounts” we were asked by Oktane attendees. They were referring, of course, to the privileged accounts – like root or administrator – that exist throughout the enterprise.
Privileged identity management is one of our specialties, we explained. Our award-winning RED Identity Management solution excels at scaling to large environments and automating the credentials changes for privileged accounts enterprise-wide.
If you like this topic, please subscribe to our Cyber Defense Newsletter.
You can also follow us on Twitter.