Okta, OpenID form working group to explore new identity security standard

A working group that brings together Okta, the OpenID Foundation, Ping Identity, Microsoft, SGNL and Beyond Identity is “the first step towards establishing a new identity security standard, the Interoperability Profile for Secure Identity in the Enterprise (IPSIE),” according to a release.

Okta and the OpenID Foundation are the founding members of the group, which will work on an open standard envisioned as a framework for SaaS companies to improve integration and security across “every touchpoint of their technology stack.”

Todd McKinnon, CEO of Okta, says “our goal with IPSIE is to standardize identity security and help foster an open ecosystem where building and using enterprise applications that are secure by default is easy for everyone.” The firm says the lack of a standard for integrating new and existing technologies like multi-factor authentication (MFA), single sign-on (SSO), risk signal sharing and session termination can lead to wonky integration and security risks, and that IPSIE fills the need for a framework to cover these services.

Many big names have already bought into the standard: per the release, more than 50 SaaS apps including Google, Microsoft Office 365, Slack and Atlassian have “already built features and APIs that support aspects of this future standard.”

IPSIE is based on the principle that identity and security are tied together. It aims to be comprehensive, promising “complete visibility across the identity threat surface” and positing that full identity management integration means more control over access, workflows, and continuous authentication to flag risk signals. Better detection enables faster response times to attacks and data breaches.

“Any app built to the standard,” says the release, “will adhere to a higher level of security by ensuring that it can be governed, manage entitlements, support MFA, posture management, and real-time universal logout.”

The goals are consistent security outcomes across SaaS applications, simplified compliance and easier integration – an overall reduction in what Okta calls organizations’ “identity debt.”

The IPSIE news dropped at the Oktane 2024 conference, among other announcements from Okta.

Article Topics

Beyond Identity  |  cybersecurity  |  digital identity  |  identity access management (IAM)  |  Okta  |  open standards  |  OpenID Foundation  |  Ping Identity  |  SaaS