This year’s Okta Business at Work annual report highlights growth, despite national headlines with concerns about a recession and economic contraction. Given Okta’s role as a leading identity service provider, the growth theme is good news for stronger authentication and protection against access compromise, phishing, and ransomware. The theme around growth also highlights the undercurrent towards zero trust principles to remove implicit trust, enforce least privilege access, and provide continuous monitoring. Companies are investing more in higher-assurance identity factors and leaving old-school identity factors of passwords and security questions behind.
As the line between work life and personal life continues to blur, it is clear remote and hybrid workforces are here to stay as companies invest in zero trust configurations for users, devices, and networks. Hybrid work also leads an investment shift from on-site security appliances to security cloud edge platforms for an improved user experience, lower cost and less complexity, and context-based adaptive access policies supporting zero trust principles. Employees have also changed their perspective of employers to include powerful and easy to use business technology accessible from any location with high performance.
Netskope, as a leading security services edge (SSE) platform, takes first place again in this report with 250% year-over-year growth as the fastest growing app with unique users, another validation of the investment shift from on-site security defenses to SSE. The report also looks at the fastest growing apps with unique users by region and industry where Netskope leads with 1,100% growth in the finance and banking industry, and 521% growth in the North America region, plus 56% growth year over year for the Asia-Pacific (APAC) region.
The Okta report also highlights that the average company utilizes 89 different apps and large enterprises average 211 apps, which is up 8% year-over-year. These numbers align with Netskope Threat Labs research on data sprawl, where companies with 500-2,000 users average 138 different apps to create, upload, share, or store data. While it may be easy to assume apps are company managed and monitored, they often have personal instances, and most of the app adoption is business-unit led outside of IT management and control. This is where risks lurk, including cloud-delivered malware and data exfiltration both leveraging personal cloud storage to evade detection.
While this report and previous editions confirm the investment in appliance-based VPNs and cloud-hosted VPN-as-a-service as a pandemic response to increase remote access capacity, Netskope predicts a shift to zero trust network access (ZTNA) following the overall Okta report theme for increasing adoption of zero trust controls and a 31% year over year growth for ZTNA solutions. Given the same client is utilized for SSE access and ZTNA, or agentless browser-based ZTNA access for third-parties, the lines will blur with SSE and SASE (security access service edge) platform convergence. As companies continue their digital transformation journey, an inside-out mandate for secure anytime-anywhere access will dominate to replace VPNs.
Cloud adoption is no longer a trend, it is a business imperative with multi-cloud IaaS and SaaS adoption continuing to increase. To quote from the Okta report, “Organizations today need to be able to safely provide their workforce with anytime, anywhere access to data, workflows, productivity, and collaboration tools – and the cloud makes that possible.” SSE cloud platforms and zero trust principles make up the modern security stack today for cloud adoption complemented with SaaS security posture management (SSPM) and cloud security posture management (CSPM) for highly favored multi-cloud adoption highlighted in the Okta report.
One trend at the end of the report worth noting is the 640% increase for adaptive MFA events, these are logins that dynamically generate a request for step-up authentication in response to changes in user and device behavior, location, or other context. Context-based adaptive access is a big part of Netskope Intelligent SSE, including step-up authentication requests, real-time coaching to users, requesting justifications for activity, or providing alerts with the option to proceed by accepting the risk or to cancel. Netskope seamlessly integrates with Okta as an identity service provider, plus Netskope supports 60+ integrations with Cloud Exchange modules into your security stack for automated workflows, sharing threat intel IOCs, exchanging risk scores for apps, users, and devices, plus exporting event logs.
Learn more about the Netskope and Okta partnership working together at every step of the identity lifecycle, plus view our top five use case demonstration videos.