Okta is bringing its identity management experience to mobile device security. Find out the details in this review.
Okta is gaining a strong reputation as an identity management platform provider for the enterprise. Its Okta Mobility Management (OMM) platform applies Okta's identity management platform to enterprise mobile and Bring Your Own Device (BYOD) security.
Identity management for mobile security is an emerging area and one to watch as enterprises seek to find the ideal security solution to secure corporate data. OMM uses Security Assertion Markup Language (SAML) to support Single Sign-on (SSO) from mobile devices, a departure from more typical mobile security solutions. Using SAML for mobile security could be attractive to enterprises needing to support secure access from contractors, partners, and customer's mobile devices to their enterprise cloud applications.
Using the Okta Mobile app
The free Okta Mobile app (iOS/Android) is a single sign on (SSO) application enabling users to access enterprise applications using their Okta credentials. The below figure shows an example of how the Okta Mobile app appears on my iPad Air:
I tested out the Okta Mobile app accessing Office 365 and Google Apps. Okta Mobile on Android appeared to perform a bit better during my testing. With Okta Mobile on iOS, you have to have your application credentials assigned correctly. I recommend you test out setting up application credentials during your Okta free trial.
OMM gives you the option to specify whether to open an app via the web or a native mobile app. Arturo Hinojosa, senior product marketing manager for mobile described this feature and said, "Now - Okta Mobile is smart enough to know if you have the native mobile app installed on your device."
"If so, if the native mobile app is in our known mobile app catalog (about 100 today, and will be the entire iTunes and Google Play stores soon) it will prompt you to choose if you want to login with the native app or through the Okta Mobile browser," Hinojosa said. "If the app supports our SAML based SSO solution, Okta Mobile Connect, then we can even log you into the native app. If it does not, then we simply open the native app as a convenience."
Using the Okta Dashboard
Okta has an easy to use and follow dashboard, which I like to see in mobile device management platforms. The Getting Started information on the dashboard is well crafted and not patronizing. This shows the Okta dashboard for my account:
From the Okta Dashboard, there are shortcuts to the major device management/administration tasks. Clicking on a shortcut brings up the next page instantaneously. This shows the Add Applications page:
You can also activate and deactivate people within a few clicks. You can also send 150 character messages to all your users directly from the Okta Notifications page.
Directory integrations are available for Microsoft Active Directory (AD) and Lightweight Directory Access Protocol (LDAP), today's dominant enterprise directory services.
The recent activity logging is detailed and easy to follow. What wasn't so obvious from the interface is how to export the logging data to another backend application.
Self-service application provisioning with Okta
Self-service app provisioning management should be the order of the day in mobile first and BYOD environments. However, you don't achieve a successful self-service user experience without well-executed backend tools what Okta includes. The Self-Service page is well designed and easy to follow. The available permissions were well documented. The help text on the right side of the page is informative and not intrusive. There's also a usage page where you can track the usage of apps you deploy through self-service. This shows the Self-Service Applications page:
Security with Okta
The Security page does a commendable job of breaking down password policies and lets you specify PIN policies for Okta Mobile users. You aren't going to need a vendor certified security expert on your team to set policies, authentication, and gateway settings with Okta.
You can also setup new Okta administrators and Create API Tokens to further ensure the security of your cloud applications.
Reports with Okta
Reporting can be a challenging proposition for mobile security vendors but Okta does a great job of creating a set of accessible mobile security reports including:
- Okta Usage
- Application usage
- Application Access & Security
- MFA Usage
- Suspicious Activity
- Deprovision Details
- SMS Usage
There's also a comprehensive system log available that displays logged events for the past 30 days.
OMM and Office 365
Okta does offer an Office 365 bundle, which includes select features of OMM specifically designed to support Office 365 customers. The bundle could be an interesting challenger to Microsoft's current Office 365-based mobile device management (MDM) efforts. Okta is trying to challenge the Microsoft solution by offering integrated identity management and other capabilities unique to Okta like synchronizing the EAS profile password with Active Directory.
I think the Okta challenge to Microsoft is a positive thing. While I often frame the mobility management market as companies who've been acquired, companies who want to be acquired (and may never), and then Microsoft but there's still room for a challenge from Okta in my assessment.
Okta Mobility Management (OMM) is $4 per user per month for unlimited devices.
The list pricing for the Office 365 bundle is $2 per user per month, and that includes AD integration, identity and mobility management, and support.
Okta is a well thought out and usable mobility management platform that I expect to see a lot more of in the market. The company's roots in identity management could establish it as a breakout mobile security player for the enterprise and BYOD. If you are looking for a flexible identity management solution for your mobile workforce, you should consider Okta Mobility Management.