As the landscape of digital identities evolves, these new capabilities aim to provide organisations with the same level of visibility and control for non-human identities as they have for human ones.
The rise of non-human identities, including service accounts, API keys, and automation tools, presents unique security challenges. Deloitte forecasts that by 2027, half of all companies using generative AI will also adopt AI agents, leading to a surge in these types of identities. However, many organisations are unprepared; last year, only 15% reported confidence in their ability to secure non-human identities.
“Amid the excitement of embracing the next wave of generative AI, companies are moving quickly to deploy agentic use cases, often overlooking the critical need to secure these systems,” says Arnab Bose, chief product officer at Okta.
This oversight can lead to identity sprawl, increasing the complexity of managing access and security across diverse systems.
The new features in the Okta Platform include enhanced Identity Security Posture Management and Privileged Access capabilities. These tools allow organisations to discover, secure, and manage non-human identities more effectively while ensuring that automation remains governed by Zero Trust policies. Continuous monitoring of risks and vulnerabilities is also a key component of this strategy.
Additionally, the introduction of Separation of Duties (SoD) in Okta Identity Governance helps prevent users from accumulating conflicting access permissions, which can expose organisations to fraud and compliance violations. By enforcing SoD policies based on predefined business rules, companies can better manage access rights and reduce insider threats.
Okta is also launching new Secure Device Features, which integrate device context into access control decisions. This approach minimises multi-factor authentication (MFA) fatigue and enhances credential security by ensuring that only trusted devices can access sensitive resources.
As organisations increasingly rely on diverse applications, Okta's Secure Identity Integrations provide deep, out-of-the-box security for critical applications like Google Workspace, Microsoft 365, and Salesforce. This integration goes beyond standard single sign-on (SSO) and lifecycle management, offering organisations the ability to manage user privileges and rapidly respond to emerging threats.
In a rapidly changing digital environment, the ability to secure both human and non-human identities is vital for maintaining operational integrity and protecting sensitive data. With these new capabilities, Okta aims to equip organisations with the tools necessary to navigate the complexities of identity management while fostering a secure, compliant digital workspace.