Content, Channel technologies, Networking, Channel technologies

Okta and ServiceNow Launch Identity Cloud for Security Operations App

ServiceNow’s Sean Convery
ServiceNow's Sean Convery

The biggest security risk within any business is typically the users within that organization. From weak passwords to phishing scams, compromised credentials are a major cause of security breaches for many companies. If a compromised company can quickly locate a breach's source, they can mitigate the associated damage.

With that reality in mind, Okta Identity Cloud for Security Operations is available now in the ServiceNow store. As soon as a breach is detected through the ServiceNow security tool, the affected company no longer has to search through logs -- which could take days or weeks for them to locate the source of the breach. The compromised user is displayed directly in the ServiceNow interface, to allow for passwords to be changed quickly, and forcing the log out of the user, or even suspending the users account until the breach has been contained.

Key features of the new application, according to the companies:

  • Wizard-driven connection between Security Incident Response and your Okta org
  • Integrated data feed from Okta into a working Incident
  • Robust data feed from Okta identifying all aspects of a User:
    • All provisioned applications
    • All group memberships
    • Recent activity from the Okta system log, filtered by user behaviors
    • Full profile attribute list
  • Immediate remediation actions available directly within the Incident
    • Clear User Session in Okta
    • Expire User Password in Okta
    • Suspend / Unsuspend User in Okta (does not deprovision downstream applications)
    • Deactivate / Reactivate User in Okta (deprovisions downstream applications)
    • Change Group Membership
      • Can be leveraged to change a users security posture by applying different policies in Okta to different groups
    • Specifically deprovision User from Application
    • Specifically add or remove a user from a Group
  • All actions available as building blocks for integrated ServiceNow workflows (configuration required)
  • Fully compatible with the Okta Identity Cloud applications using Okta as an Identity Provider in ServiceNow, for User Lifecycle Management and SSO.

Sean Convery, VP and GM, security business unit, ServiceNow, said in a prepared statement, “Organizations need a fundamentally better way to scale security response, ServiceNow Security Operations automates incident research and helps security teams orchestrate response. The Okta integration with ServiceNow adds valuable insight into user behavior so security teams can do a better job of protecting their users, and in turn, their business.”

Utilizing a service like this, in connection with user training on how to prevent their credentials from being compromised, can help lessen so many of the breaches that occur today. Once a breach has happened it can take organizations an average of 66 days to contain it, according to the Ponemon Institute. Prevention of breaches should be top of mind for any business, which starts with educating users on watching for phishing warning signs, and password best practices.