If you're on a Galaxy Fold, consider unfolding your phone or viewing it in full screen to best optimize your experience.
Okta's suite of automated workplace identity products increases your network's security and lets IT techs focus on higher-level issues. Whether you need single sign-on (SSO) or multi-factor authentication (MFA) technology -- or both! -- Okta's web-based software provides a seamless desktop, browser, and mobile device login experience for users.
As every information technology (IT) department grows, it reaches a tipping point. The volume of routine user service requests for new passwords -- or to reset them -- prevents techs from working on higher-level issues.
Still, you can't afford to give passwords and their security short shrift because you must protect your network and its data. Your solution? Automated password management.
Okta is one of the best identity management software providers on the market. We'll go over its features, pricing, and support options so you can see how your business could benefit from using it.
Founded in 2009, Okta has identity and access management solutions for workplaces and consumers. Its primary product is a web-based single sign-on application that allows users to log into multiple applications such as Gmail, Office 365, and Salesforce via one centralized interface.
While Okta's individual products range from $2/month per user to $15/month per user, its minimum contract is $1,500/year. Customer support packages, whose prices are based on total users, cost extra.
This pricing schedule could put it out of reach for smaller businesses, and its customer base consists of larger companies such as FedEx, Hewlett-Packard, and T-Mobile.
Okta security software has separate product suites for workplace and consumer identity management. The workplace identity applications include:
We'll focus on Okta's SSO and MFA features because they provide the foundation for identity management.
SSO software lets users log into multiple websites and applications with a single password. For example, at The Ascent, I have separate employee accounts for Slack, Trello, and Microsoft Outlook. Our SSO provider lets me directly access these applications after logging into its interface.
Beyond standard SSO functionality, Okta includes:
After you log into your Okta account, the homepage has tiles for each connected application and website you can now open without logging in again. You can also manage multiple settings for each application from this page.
The Okta mobile app for iOS and Android devices also provides quick SSO access to Okta-connected accounts when your employees are out of the office.
SSO technology streamlines access to applications, but another key issue remains: ensuring passwords are not compromised. All passwords should be easy to remember and hard to guess, but at best, this only slows down bad actors and their strategies to uncover passwords.
MFA addresses this problem by requiring one or more extra identification "factors" beyond the password before you can access your account. Every time I log into my bank account from my laptop, for example, I must also enter a single-use code the bank texts to my smartphone.
The three authentication factor types are:
Okta has a wide range of authentication options with varying levels of security.
Okta also offers contextual access management, which requests more authentication factors based on levels of risk due to logins coming from unexpected locations, devices, or networks.
Okta reports provide the information you need for actionable insights about usage and security -- everything from overall usage to authentication troubleshooting.
Okta has three report categories:
Specify a report's time frame, filter the results, see events per actor and their locations on a map, and more. You can also download reports as a CSV file. The system log report below uses the event filter to only show initiated user sessions.
Every device (aka, "endpoint") that employees use to log into your network is a potential access point for hackers. If you have a network security operations center (SOC), these reports provide critical information for endpoint security.
IT personnel like how Okta streamlines the onboarding process for new users while increasing network security with the multiple MFA options.
They also report that it works equally well on a company's network and remote Wi-Fi connections. Some comment that technical documentation should be better organized, and that problems can arise when third-party vendors update their apps.
Employees at companies using multiple applications like having them aggregated in the Okta interface without having to log into each one individually.
Most user issues revolve around nuts-and-bolts topics, such as password length, updating passwords across multiple applications, and how often new Okta sign-ins are required.
I've used Okta and other identity management software, and I think ease of use boils down to educating users about how these applications work. While IT professionals appreciate how they impact their workloads, too often this software is dropped on users with little explanation or training.
I worked at a university that suddenly announced one day we were now using identity management software, and it took me a long and increasingly frustrating afternoon to figure out how to sync my accounts, apps, and passwords within it. And when it was time to update a password?
Whoa, Nelly! I felt like I was chasing my tail for the next hour or more as I tried to update and resync everything.
Okta's workplace identity products include:
Other products with prices ranging from $2/month per user to $15/month per user include a universal directory, life cycle management, application programming interface (API) access management, advanced server access, and access gateway. Customer support packages are sold separately.
Okta pricing requires a minimum $1,500/year contract but offers deep discounts to larger organizations adding more users. The SSO plan has a free trial.
Otka provides eligible nonprofits with 25 free licenses for all Okta products, 50% off public training courses, and unlimited complimentary passes to the annual Oktane customer conference.
Okta's four customer support plans include:
The Basic plan has 12/5 support Monday through Friday from 9 a.m. to 9 p.m. ET, but the others have 24/7/365 support. Pricing is quote-based and depends on your number of users.
Okta's online resources include:
Okta's resources are found in two locations -- the help center and a separate content library -- which can sometimes make it difficult to find what you're looking for.
Okta reduces IT workloads, which directly impacts your bottom line. Without Okta identity management automation, your IT department is continually resolving support tickets to grant employees access to different sites and applications while enforcing strong password protocols.
Okta says customers using its SSO have seen a 50% drop in login-related help desk requests. Users can also log into and use new apps 50% more quickly, and IT integration of acquired businesses is up to five times faster.
Okta MFA reduces the time and expense of security breaches because 80% of them involve compromised passwords.
We'll take a closer look at three more Okta features that can streamline your operations: browser extensions and plugins, ThreatInsight, and passwordless authentication.
The Okta dashboard is a useful resource for employees, but they can access the applications and websites there more quickly via browser extensions and plugins.
Supported browsers include:
The Chrome extension shown below lets you choose apps to add to your account, generate strong and random passwords for them, and switch between multiple Okta accounts. It also prevents websites from storing your login credentials.
For extra convenience, Okta administrators can use browser extensions to access the admin console.
The best security stops problems before they occur, and Otka's ThreatInsight collects data across the entire Okta customer base to detect and blacklist malicious IP addresses. ThreatInsight can log suspicious IPs without blocking access, or log and block these authentication attempts.
ThreatInsight protects your network from multiple intrusion methods:
Whether these attempted data breaches are financially motivated or driven by wannabe hacker script kiddies, ThreatInsight works to minimize downtime, increase security, and avoid unwelcome financial repercussions.
ThreatInsight also uses rate limits to prevent admin and user lockouts during a distributed denial-of-service (DDoS) attack.
Passwords are a perpetual weak link in your security system because even the strongest ones only slow bad actors down without completely thwarting them. Okta allows you to move beyond passwords with passwordless logins.
Workplace identity passwordless options include:
Factor sequencing, for example, lets you choose high assurance factors such as Okta Verify. This app allows users to confirm their identities by approving a push notification or entering a one-time code without the need for a second factor.
Passwordless authentication addresses the dueling positions about passwords illustrated by recent research: 66% of IT and IT security practitioners surveyed in the U.S., U.K., Germany, and France said protecting passwords is very important, but 51% also said password management is too difficult.
Okta's expansive features set, corollary apps and browser extensions, and thousands of native third-party integrations make it an identity management industry leader. Its entry cost, however, likely puts it out of reach for many small businesses.
Perform a thorough cost-benefit analysis to determine if you have the IT needs and budget to achieve a positive return on your investment.
|Free Plan||Phone Support||Monthly Billing||Mobile App|
Okta's pricing could rule it out for sole proprietorships and smaller businesses that probably don't have the IT requirements it's designed to meet.
For mid-to-large companies, however, Okta identity management products are a viable option to streamline employee logins across multiple applications and increase network security.
Okta's suite of workplace identity products, which include single sign-on, multi-factor authentication, and a universal directory, range from $2/month per user to $15/month per user. However, you are required to have a minimum $1,500/year contract.
Otka offers qualifying nonprofits up to 25 free licenses for all its products, 50% off public training courses, and unlimited complimentary passes to the annual Oktane customer conference.
Okta has four customer support packages, whose prices are based on your total users, for email and telephone support with varying response times. Other resources include a knowledge base, product guides and documentation, community forums, and online and in-person training.
Our Small Business Expert
We're firm believers in the Golden Rule, which is why editorial opinions are ours alone and have not been previously reviewed, approved, or endorsed by included advertisers. The Ascent does not cover all offers on the market. Editorial content from The Ascent is separate from The Motley Fool editorial content and is created by a different analyst team.
The Ascent is a Motley Fool service that rates and reviews essential products for your everyday money matters.
Copyright © 2018 - 2023 The Ascent. All rights reserved.