Webinar: Turbocharging Okta for Privileged Access Management

Post on 16-Apr-2017


Category: Technology


HELLO! I am Anirban Banerjee.

I am the Founder and CEO of Onion ID.

https://calendly.com/anirban/enterprise-demo/

IT INFRASTRUCTURE TODAY: CHALLENGES

OKTA vs ONION ID

OKTA & ONION ID: INTEGRATION

PROTECTION THROUGH PAM

IT INFRASTRUCTURE TODAY


IT Infrastructure Today

Laptops

In-house servers

Mobile devices

Cloud Servers

The Landscape is Changing

Wait for it – Cloud Services!

Why is the Cloud so Popular?

All these benefits are not without cost!

• Shift in Capex to Opex
• Cost savings – 25% on avg.
• Employee Mobility
• Easy access – 49% on avg.
• Scaling is easier
• More efficient – 55% on avg.
• Time savings
• More time to innovate – 31% on avg.
• Choice – no traditional vendor lock in

Costs in the Cloud

▸ Plan
  • 10-year cost of ownership

▸ Sometimes unpredictable

▸ What to Track
  • Instances, Accounts, Licenses

▸ How to Track
  • Custom tools, Vendor tools, 3rd party

Estimating Cloud Costs

▸ Not just dollars
  • Time to manage accounts/servers
  • Vendor downtime

▸ Hidden costs
  • Employee training costs
  • Service desk requests
  • Wastage of unused accounts/servers

▸ Who is spending
  • Visibility is very poor

What about Asset Management?

Asset Management: Obvious Costs

▸ Inventory
  • How many accounts, servers
  • How many applications

▸ Audit
  • Regular process, just like compliance
  • Set up controls

▸ Alert
  • Knowing is half the battle
  • AWS CloudTrail
  • Domo
  • Zapier

▸ Managing users
  • Account setup is not easy
  • Multiuser support is very poor

▸ Downtime
  • 99.95% means 21.6 mins of downtime/mo
  • 99.99% means 4.32 mins of downtime/mo

▸ Resetting passwords
  • 18.5 Million results in a generic search
  • Highest ticket count for any Hoster

▸ Onboarding users and training
  • Users may need 11 weeks to get comfortable

Asset Management: Hidden Costs

Access to Cloud Assets comes with hidden costs!

OKTA vs ONION ID

What is Okta?

▸ A cloud-based SSO platform that allows users to enter one name and password to access multiple applications.

▸ Users can access all of their web applications, both behind the firewall and in the cloud, with a single sign in.

▸ A seamless experience across PCs, laptops, tablets, and smartphones.

▸ Saves time spent for user management, account creation, password resets.

▸ Simple access management for multiple users and apps!

Privileged Access Management

Securing access to an application is only the first step.

How can we control what happens once a user has access?

Access Management Privilege Management !

What can an employee see?

What can an employee click?

What can an employee fill?

What can an employee download?

Evolution of PAM

PAM 1.0: SSH CORP

Traditional password-based protection. Additional features include:
  • SSH Key Rotation
  • Command Interception
  • Video-session Recording

Drawbacks:
  • Difficult to Deploy, Use & Manage
  • Ignores User Behavior
  • No fine-grained PAM
  • No SaaS features

PAM 2.0: CYBERARK, BEYOND TRUST

Introduction of Server PAM:
  • Windows and Linux

Authentication beyond passwords:
  • 2FA, traditional SMS

Increased PAM flexibility:
  • Upgrade/downgrade rights
  • Password Vaulting
  • Automatic Password resets

Drawbacks:
  • Difficult to Deploy, Use & Manage
  • Improved, but still not fine-grained PAM
  • No SaaS features

PAM 3.0: ONION ID

Cloud SaaS PAM is a priority:
  • Fine-grained control over apps and licenses.
  • Cost monitoring and control.
  • Advanced protection features (text redaction, button intercept, form protection).

No Rules - user behavior:
  • Active Authentication (geofencing, geo-proximity, air sigs, fingerprints).
  • Advanced anomaly detection via adaptive ML.

Easy to Deploy, Use & Manage:
  • Zero Agent Design
  • Near Invisible 2FA


What we offer

Privilege Access Management
  • Full control over who has access to what and when.
  • Real time and Intuitive

Vigilance
  • Keep track of user activity
  • Receive alerts for anomalous behavior
  • Gain complete visibility through detailed reports

License Management
  • Control your cloud costs
  • Monitor time and money spent on cloud services

OKTA & ONION ID: INTEGRATION

PAM Layer: Layer on top of existing services

Dynamic Privilege Management

SSO, NAC, CASB

Power In Unity

Okta users maintain access to their applications via the SSO mechanism

Onion ID adds another layer of security, which can be enabled for any Okta-supported application

Once activated, Onion ID offers complete control of what an employee can see, do, modify, fill out, and download within the app.

No modifications to the Okta installation, no need to recreate user profiles.

All you have to do is activate the Onion ID extension for any application that you want to support.

PROTECTION THROUGH PAM


Privilege Management

Command Filtering

SSH Key Management

Session Recording

URL Filtering

Action Filtering

View Filtering

Fine Grained Control

Find out which servers, applications and websites your employees are using.

Each action is risk scored using machine learning to detect and prevent threats.

Even if an application does not support role-based filtering, Onion ID can help you layer security on the application in seconds.

Real time alerts to identify misuse and anomalous changes

Make sure that compromised accounts cannot be misused.

THANK YOU! Any questions?

You can find more about us at:

Onion ID – Infrastructure Access Security
www.onionid.com, sales@onionid.com
Tel: +1-951 231 0557
https://calendly.com/anirban/enterprise-demo/