IGA on Your Okta Tenant – Advantage YouAttest
Okta is an amazing IAM/CIAM/2FA product – the gartner leader, and the customer favorite. It changed the world around identity by supplying the first fully-functional IAAS system. But no product is an island – and the same is true for Okta and IGA – that’s why this blog is about IGA on Your Okta Tenant – Advantage YouAttest.
YouAttest Provides key advantages of its SSO integrated (And OIN verified) integration into your Okta tenant. Integration is in minutes using SAML or OIDC. Once integrated your tenant in the YouAttest cloud interacts securely with your tenant in the Okta cloud and provides the additional IGA functionality unavailable in your Okta tenant alone.
YouAttest IGA features for an Okta deployment include:
1. Audit Ready Attestation Campaigns
YouAttest has a pre-created GUI to walk through users on Attestation Campaigns. Most customers default to some form of XLS spreadsheet usage to have the audit-mandated non-admin personnel conduct the identity audits for SOX, SOC, HIPAA/HITRUST, PCI-DSS and CMMC guidance.
Image #1: YouAttest is an purpose driven tool with a mission to make identity attestation simple, repeatable and secure. ( IGA on Your Okta Tenant )
2. Multiple Reviewers
YouAttest automatically enables the audit team to mandate single reviewers, multiple reviewers and even groups of reviewers.
Image #2: YouAttest allows the Audit Group to enforce attestations by a comma seperated list or by a pre-existing Group.
3. Auto-Delegation of Reviewers
YouAttest enables the auditing team to enable auto-delegation to automatically delegate to the appropriate managers.
Image #3: A key feature to the YouAttest attestation product is the ability to delegate, automatically to the correct managers – to attest to their user assignments and privileges. ( IGA on Your Okta Tenant )
4. Auto-Creation of Time Stamped Reports
YouAttest creates time-stamped immutable reports from the attestation reports – key to compliance reporting.
Image #4: Time Stamp attestation reports are crucial to the audit process – YouAttest delivers.
5. User/Group Attestations
YouAttest has pre-built screens for enterprise to run user and group attestations – these are important not just for audits but for enforcement of the Principle of Least Privilege (NIST PR.AC-6).
Image #5: YouAttest enables the audit team to run user and group based Audits on the Okta tenant without Okta admin access. ( IGA on Your Okta Tenant )
6. Application Attestations
YouAttest has pre-built screens and workflows for application reviews. These are important for all security guidances and mandated by the SOX governance controls.
Image #6: YouAttest conducts Application Audits for SOX and many other compliance measures. ( IGA on Your Okta Tenant )
7. Auto-Scheduling of campaigns
YouAttest allows the audit/compliance team to not only create attestation campaigns – but to auto-schedule them each year/quarter/month or as often as needed.
Image #7: YouAttest allows you to schedule campaigns for repeat access reviews.
8. Pre-Set Deadline for Attestation Campaigns
Nothing gets done w/o a deadline -YouAttest campaigns start with a due date. Nag reminder emails are included in the process!
Image #5: Audit teams can put a due date for each attestation to insure proper attention is made to the audit process. ( IGA on Your Okta Tenant )
9. Pre-Built Attestations on Key Security/Group Changes
Okta is an amazing tool that enables alerts and attestations all sorts of security modifications including group and resource allocations. YouAttest is the plug-in that INSURES that these changes are reviewed. That’s proper governance.
Image #6: YouAttest has event-based triggers that force a security audit of the action. Key to implementing identity security and stop privilege escalation. ( IGA on Your Okta Tenant )
10. Instant Report of Reviewer Actions
YouAttest provides an outline of who took what action in reviewing access, what that action was, when it took place, and upon which individual. Reports are populated as soon as an action is made, meaning if a manager presses certify and a report is downloaded, it will reflect this decision and who made it. Reports can be downloaded as a PDF, CSV, Excel, or printed off and serve as a paper trail for any auditor questioning when access reviews took place and by whom.
YouAttest provides the access review functionality, integrated into your Okta tenant that enables enterprises to save 100 of hours and create more compliant and secure environments.
Image #10: YouAttest provides instant on on-going results on reviewer actions.
—
YouAttest is the only cloud-based IGA platform that deploys in minutes via application SSO to platforms like Okta. Register for the YouAttest webinar on “Conducting IGA on Okta with and without YouAttest”.
