The new, open-source identity security standard will be adopted by OpenID foundation members including Microsoft, Google, Ping identity and Beyond identity.
Identity and access management (IAM) solutions provider Okta has announced a new, open-source identity security standard for SaaS providers, calling it the Interoperability Profile for Secure Identity in the Enterprise (IPSIE).
The new security framework, set to be adopted by Microsoft, Google, Ping Identity, BeyondIdentity, and SGNL among others, is aimed at improving “end-to-end security” for SaaS-based identities.
“Okta is determined to get security right and we know the future of the industry rests in not just securing identity, but also having a secure identity standard that is open and available to everyone,” said Arnab Bose, chief product officer for Workforce Identity Cloud at Okta. “This new industry standard will help standardize identity security to make everyone more secure while elevating the entire technology industry to be better protected from attacks.”
The company made the announcement at its annual identity conference, Oktane, along with the unveiling of a couple of other product enhancements.
IPSIE aimed at ‘secure-by-design’
The new identity-centric security standard is designed to strengthen existing security controls in addition to some new mandates that the SaaS community can benefit from, according to Okta.
The existing identity security capabilities in SaaS applications that IPSIE is expected to bolster include single sign-on (SSO), lifecycle management, governance and privileged access, risk signal sharing, and session termination.
Added new benefits within the IPSIE standard will include added visibility across identity threat surfaces and building secure-by-default SaaS applications, according to Bose.
To help ease the adoption, Okta is working on integrating several independent software vendors (ISV). “Okta has worked with leading SaaS vendors to build over 125 deep integrations with some of the most widely adopted enterprise applications, including Google, Microsoft Office 365, Slack, and Atlassian,” Bose said.
These applications support features that will be included in the standard to better meet the tech ecosystem and customers where they are today while providing a framework to better protect them in the future, Bose added.
Okta is also working to enable app builders using the Okta Customer Identity Cloud (CIC) to build their applications to be IPSIE-compliant and “secure by default.”
Okta set to simplify MFA, SSO experiences
Okta has announced a new offering, Extended Device SSO, which will be available in Q1 of 2025 as part of the Okta Device Access, the security control offered by Okta to manage access to corporate resources based on the type of device used for access.
Extended Device SSO will reduce the “amount of MFA challenges” by bringing the number of MFA prompts to once per device login, supported for both Windows and MacOS, before enabling access to apps like Office 365, Google Workspace, Zoom, and Slack, minimizing the need to re-authenticate.
Okta also announced partnering up with various third-party identity verifiers including Clear, Persona, Incode, Socure, Onfido, and LexisNexis, to enforce an extra layer of identity verification.
“By enforcing identity verification at any stage of the employee lifecycle, organizations can more effectively mitigate the risk of social engineering and deep fake attacks,” Bose noted.
