It’s a big time for identity management, and similarly, it’s been a big year for Okta, as they’ve gone public and continued to add enterprise, partner, and customer-facing identity management features. Today, I slipped over to the opening keynote at their Oktane 2017 conference in Las Vegas. Here’s what I saw.
Since it’s an identity conference, they started out with an inspirational video about the meaning of identity, and how it’s changing in the future.
CMO Ryan Carlson took the stage to welcome the audience. This is the 5th Oktane. No specific attendance numbers, but ‘this room is twice the size of any in the past.’ My very rough estimate is that there were at least 5000 people in the room.
Co-founder and CEO Todd McKinnon was on next, and hosted almost all of the keynote. He talked about the big milestone of the year, which was of course Okta’s IPO in April. (OKTA) Todd shared that talking about ID, cloud, and mobility trends really helped them sell the IPO to investors. There’s no denying that things are very different these days—think changing security perimeters, APIs, changing types of employment, consumer identities, etc. ID management is key to dealing with all of this.
Okta’s position is that identity has to be independent and neutral. In other conversations with Okta, they’ve emphasized that this—along with the fact that they’re dedicated exclusively to identity—is the main way that they’re positioning themselves against Microsoft Azure Active Directory.
Next, Ben Horowitz, who was the first investor and is a board member for Okta, came on stage for an interview segment. They talked about how Okta was founded in 2009, and how directories were so different then. It was definitely a struggle for the first few years—Everybody understands cloud identity now, but things were different when Okta was founded in 2009, and it took a while for the world to catch up to their vision.
Todd moved on to the Okta Application Network. This is the group of 5000 apps that are integrated with Okta’s cloud directory. A lot of these integrations are thanks to standards, but Okta validates everything and does custom work as necessary. Customers have integrated 50,000 of their own apps.
Todd announced the Businesses @ Work Dashboard, an interactive version of their Businesses @ Work report, which covers SaaS trends among Okta customers. The data powering the dashboard will be updated quarterly (the previous reports were annual), and it’s freely available to anyone by going to okta.com/businesses-at-work. This was always one of my favorite reports, so I’m looking forward to digging into the dashboard version.
These days, there are a lot of different services besides connecting to Okta, including analytics, security, networking, API gateways, application delivery controllers, etc, so they’re renaming the Okta Application Network to the Okta Integration Network.
The next theme of the keynote was the extended enterprise—i.e. partners, contractors, and even customers. Todd is bringing Colin Anderson, the CISO of Levi’s, on to talk about how they secure these types of users, including where they use MFA.
- Okta Universal Directory now has an LDAP interface, allowing it to work directly with a lot more legacy on-premises applications.
- Okta Lifecycle Management now has more automation for extended enterprise use cases. Customers open up self-service registration; policies can now be time-based; and there’s a new rogue account detection feature.
- Okta Adaptive MFA now extends to ADFS, RDP, and customer web apps. They worked with Citrix to integrate with NetScaler, so users can launch Citrix apps directly from their Okta home page.
- Okta Single Sign On SKUs all include basic MFA, via a one-time soft token. Okta SSO can now spot common or compromised passwords. Lastly, they’re rolling out new IP blacklisting features.
The next topic was consumer-facing identity management. Todd said this is their fastest-growing segment, and the reason why they acquired Stormpath earlier this year. All of Okta’s core services are exposed via APIs. Todd says, sure, it’s easy for a developer to build a simple password page, but you really need to do a lot more for a typical app, and it’s easier to just use these APIs to do things like user registration, common password detection, API access management, and so on. (Okta API management was introduced last year at Oktane 2016.)
Okta announced several new features for customer-facing identity, and they did demos of how they’re making the developer experience for all this better. This was getting outside of the core enterprise EUC area that we usually cover, but again, it was slick. All of this is rolled up in a new Okta Developer Edition SKU.
Todd emphasized that Okta really wants to be the identity layer for consumer applications; and then they moved on to a customer panel with Veritas, Heal, and Mr. Cooper (Nationstar).
Overall it was really well-put together keynote, showing the more advanced and broader aspects of identity and access management. Watch out for more analysis, news, and articles in the coming days and weeks. As always, everything we do will end up in our Friday Notebook series, or you can watch out on Twitter.