Okta Expands Into Application Security With New API Access Management Product
Okta launced a new API Access Management solution Tuesday at its Oktane 16 event in Las Vegas, a move partners said would help them add more security features to their application and development portfolios.
The new Okta API Access Management sets itself apart from other API access management offerings by managing access based on the user, group membership, network zone or device, rather than by application. Integrated into the Okta One Identity cloud, the offering allows for the creation, maintenance and audit of API access policies. It is also integrated with other API management solutions.
The launch responds to growing demand from customers and partners for a secure and user-friendly application integration offering, Okta Chief Product Officer Eric Berg said. While Okta is best known for its single sign-on and identity and access management solutions, Berg said one of the company’s ’best-kept secrets’ is its growing base of customers building application solutions on top of its platform to better secure their application supply chain and back end.
Now, with the launch of Okta API Access Management, Berg said the door has been opened for partners and enterprises to build composite applications and for partners to integrate new features securely into legacy applications.
Bryan Wiese, vice president and general manager of identity and access management at Denver-based Optiv Security, said Optiv is already seeing interest in this type of solution from customers. That comes mostly from customers who have a business built on platform consumption of services or those who more generally recognize the importance of investing in application security, he said.
’Today, the number of companies involved in the API economy and the number of APIs available in the market for consumers and developers are growing at an exponential rate. Companies need to be able to centrally and effectively manage access management policies for these services being offered to consumers,’ Wiese said.
Rex Thexton, managing director, Accenture Security, agreed, saying the systems integrator is seeing ’demand for improved API access management, auditing and analytics steadily increasing.’ In particular, Thexton said security solutions like Okta API Access Management are needed as businesses move to develop new APIs and services around legacy applications in a secure way.
’As the adoption of cloud services increases and as more enterprises begin making their services and APIs available externally, these use cases and boundaries are becoming much more difficult to define. … This [offering] will be important for IT since it will provide a standard approach to manage identity-driven access to APIs and provide a centralized administration point which can manage access across the entire enterprise,’ Thexton said, adding that this need will only grow with the addition of more mobile and Internet of Things devices and applications.
For Okta, the launch marks an expansion into a new market for application security, Berg said. He said that positions Okta and its partners to take a hand in the ’digital transformation’ of customers, both offering new web and mobile application experiences with back-end integration and/or selling access to core APIs and services.
’When you look at it, most of these companies are going through these digital transformations. Certainly Okta is now a piece of that puzzle,’ Berg said.
Accenture’s Thexton said the expanding portfolio with be a ’key differentiator’ for Okta. For partners, he said that evolution is key as it allows for Accenture to have new conversations with current or future customers about API access management.
’Okta has been continuously evolving their product offering and capabilities, and this is another example of how they are innovating to address some of the more difficult security challenges in the enterprise,’ Thexton said.
Optiv’s Wiese agreed, saying the ’continued evolution and expansion’ of Okta highlights why Optiv chooses to partner with the vendor, saying it ’shows a strong understanding of what the customer needs in order to effectively secure and enable their business.’
’At Optiv, we look for partners who not only continue to expand and deepen their security reach and have strong existing products, but who also have strong product road maps and an understanding of who and what they want to be as a company for their customers,’ Wiese said.