Okta Device Access aims to simpllfy and unify identity and access management (IAM) for corporate devices within hybrid workforces with customizable multifactor authentication (MFA). Okta said Tuesday that it’s set to launch a new offering, Okta Device Access, designed to extend the capabilities of its cloud-based identity and access management (IAM) service to enterprise desktops and other devices in hybrid work environments. The application, according to the company, aims to simplify logins while also offering stronger authentification features and achieving a zero trust security environment.Okta Device Access, deployed as part of Okta’s Workforce Identity Cloud service, will launch with two capabilities: desktop multifactor authentication (MFA) for Windows and macOS; and Desktop Password Sync for macOS.Desktop MFA brings Okta’s MFA policies, which include adaptive, contextual, and customizable MFA, to desktop logins to protect local data, native apps, and non-internet facing services on desktops.“With this announcement, Okta removes the legacy fence around desktop authentication which includes only allowing password-based or biometric authentication (Windows Hello, macOS touchID),” said Jack Poller, an analyst at ESG Global. “Okta now enables organizations to extend Okta MFA to the desktop, strengthening the authentication process and increasing the security of these devices. This is especially important given how often devices are lost and stolen and the amount of sensitive data stored on these devices.” Desktop Password Sync for macOS is a feature to provision local macOS user accounts with Okta credentials and enroll them into Okta Verify and FastPass, Okta’s flagship passwordless authenticators. This capability is built on top of Apple’s Single Sign-On (SSO) extension, which allows iOS and macOS devices to sign into third-party apps using their Apple ID credentials without needing to create a separate account for each app (developed with Jamf, a software company that specializes in Apple devices in enterprise and education environments).Offering aims to unify access managementOkta Device Access, according to the company, is focused on unifying access management for hybrid workflows. This means the software will bring the same login interface that Okta customers use to access their business apps to the point of device login. “Unifying access management can help admins integrate authentication policies across all user touchpoints,” the company said in a product announcement. “It can also be used by the employees who can safely sign into their work devices and applications with a unified access experience — which means fewer passwords for potential attackers to utilize.”Okta Device Access is designed to work across a wide range of devices, securing workforce identities on Windows and macOS devices. The company plans to extend the application to additional systems shortly.“One benefit of Okta Device Access is the extension of the zero-trust paradigm to the desktop,” ESG’s Poller said. “Zero trust is predicated on phishing-resistant authentication, and any organization moving to a zero-trust cybersecurity strategy needs to have phishing-resistant authentication on desktops.”Desktop MFA for Windows is planned to be available in an early access program in the third quarter, and generally available in the fourth quarter this year. Desktop Password Sync for macOS will be in early access in the third quarter and generally available in the fourth quarter as well. Desktop MFA for macOS is planned to be in early access in the fourth quarter this year and generally available in the first quarter of 2024. The company did not immediately provide pricing details. Related content brandpost Unmasking ransomware threat clusters: Why it matters to defenders Similar patterns of behavior among ransomware treat groups can help security teams better understand and prepare for attacks By Joan Goodchild Sep 21, 2023 3 mins Cybercrime news analysis China’s offensive cyber operations support “soft power” agenda in Africa Researchers track Chinese cyber espionage intrusions targeting African industrial sectors. By Michael Hill Sep 21, 2023 5 mins Advanced Persistent Threats Cyberattacks Critical Infrastructure brandpost Proactive OT security requires visibility + prevention You cannot protect your operation by simply watching and waiting. It is essential to have a defense-in-depth approach. By Austen Byers Sep 21, 2023 4 mins Security news Gitlab fixes bug that exploited internal policies to trigger hostile pipelines It was possible for an attacker to run pipelines as an arbitrary user via scheduled security scan policies. By Shweta Sharma Sep 21, 2023 3 mins Vulnerabilities Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe