Shape Security and Okta announced the joint partnership to strengthen the security posture for enterprise customers. This is an exciting development for enterprise customers. To compete effectively, every company must become a technology company. This is a growing and irreversible trend. A part of becoming a technology company means that each company must revisit its technology stack as part of its digital transformation. The part of the digital transformation requires that companies build a secure perimeter for workforce and customers to do frictionless business and drive higher productivity. The initiative to support such digital transformation includes how to build modern web and mobile apps suitable for the global workforce and demanding customers around the world.
Enterprise companies are working tirelessly to ensure better security and frictionless experience for their workforce and customers. Their journey continues for deploying frictionless workforce and customer experience solutions while preventing any security breaches. Two clearly fast-growing patterns of best practices to support this frictionless security initiative are as follows:
- Authentication and Authorization as a Service
- Online Fraud Detection and Protection as a Service
Authentication and Authorization as a Service:
The modern applications require microservices to handle each and every authentication and authorization request encrypted end-to-end. These microservices are not only applicable for workforce users but also for customers. One of the best practices of developing a modern application is decoupling authentication and authorization services from its core business logic. This way the application benefits from all the modern authentication and authorization services offered by the best-in-class platform vendors like Okta.
Such microservices need to provide a platform to integrate any and all applications. Okta has demonstrated this capability through its Identity Cloud where 5,500+ applications are pre-integrated and work out of the box. Many customers require their application vendors to be part of the Identity Cloud.
The platform supporting these microservices also offers rich features and functionality to 1) handle central user repository for all things companies need to manage user accounts,
2) single sign-on (SSO) to all applications in the cloud or on-premise,
3) adaptive multi-factor authentication for login verifications by user or machine, and
4) user lifecycle management for provisioning and deprovisioning to target applications.
Online Fraud Detection and Prevention as a Service:
The modern application also requires microservices that are designed to deploy preventative measures to drive productivity by eliminating user friction as well as possibilities of data breaches. Since the users are the source for most of data breaches, the modern security architecture also needs to factor in how to take proactive actions to prevent attack vector that involves user accounts. Such action includes prevention of account takeovers and sophisticated botnet attacks.
Most of these breaches are possible due to compromised users. Attackers simulate entire populations of users with genuine human characteristics to conduct fraud at scale. They use credential stuffing to test large numbers of compromised credentials (i.e., usernames and password breached from another site) against any login application. Knowing compromised users in advance of providing access to the company’s digital assets will prevent costly breaches and damage to business reputation often beyond repair. An ounce of prevention is worth more than a pound of post-detection/remediation. Shape Security is the best-in-class platform to help companies detect and prevent these online frauds. Shape offers these services through Shape Enterprise Defense and Shape Blackfish products.
Shape Enterprise Defense: By defending the world’s largest companies, Shape has developed expertise in detecting online traffic originated by a bot or human, and whether the request was made with malicious or benign intent. This ability allows Shape to prevent fraud in real-time and protect every application from attack and abuse.
Shape Blackfish: The average person uses the same password often on various accounts. So even if your organization hasn’t been breached, chances are many of your users’ credentials have been spilled elsewhere. Blackfish alerts your company in real-time if and when criminals actively use your customers’ or employees’ spilled over credentials elsewhere on the web.
Integrated Approach: Shape Security and Okta Partnership
The use cases are constantly evolving and converging – clearly requiring tighter integration between these two aforementioned best practices powered by best-in-class platforms from Okta and Shape Security.
The outcome of this partnership and applied integrated solution means that the joint customers who we serve will have a cutting-edge stack that is designed to offer a secure and seamless experience for workforce and customers alike. The joint solution through this partnership is very horizontal in nature despite applied use case for the various industries may slightly vary.
We here at BeyondID are super excited about this partnership and what this could mean to our customers. If you are interested in learning more about how your organization can benefit from such best-in-class solution integration, please reach out to me at arun.shrestha@BeyondID.com. We will be happy to discuss your unique requirements and how we can assist with the state-of-the-art solution to ensure your company has a very strong security framework to support frictionless experience requirements from your demanding workforce and customers.