Identity management platform Okta has been given the green light to handle sensitive government data up to PROTECTED classification level, after completing a comprehensive security review.
The rigorous evaluation was conducted by cybersecurity firm CyberCX.
The Information Security Registered Assessors Program (IRAP) certification allows government agencies to verify that technology providers can safely handle data which, if exposed, could damage national interests, organisations or individuals.
It assessed both Okta's core identity platform and its 2021 acquired Auth0 service against stringent controls outlined in the Australian Government's Information Security Manual.
This latest assessment expands Okta's security validation to include additional products like Okta Workflows, Privileged Access, Identity Governance, Access Gateway and Inbox, alongside its core Identity as a Service platform.
"These independent reports provide those agencies seeking to modernise their technology environment with the confidence and assurance to move off legacy on-premises infrastructure," Brett Winterford, regional chief security officer Asia Pacific at Okta said.
Detailed assessment reports for both platforms are now available to Australian government agencies through the Okta Trust Center.
The certification positions Okta to support broader technology modernisation across government, with Winterford noting that identity management acts as a "lynchpin capability that must be resilient to attack."
He predicts the certification will benefit many cloud service providers, as government agencies increasingly trust Okta as an independent identity services provider, enabling wider adoption of modern applications and services.
-1.jpg&w=100&c=1&s=0)
.png&w=100&c=1&s=0)
