Okta: The IDP with granularity and reliability for all types of organizations and technologies
June 24, 2024
Okta: The IDP with granularity and reliability for all types of organizations and technologies
Score 9 out of 10
Vetted Review
Verified User
Software Version
Enterprise
Overall Satisfaction with Okta
We are currently using the Okta solution as our primary IDP (Identity provider) for our organization. Okta allows us to federate our domains as needed, and also offers us the granularity to configure it for specific scenarios that differ from domain to domain. Since our organization works similar to an MSP (Managed Service Provider), having this granularity really is a must for us.
Pros
- As mentioned, Okta provides us with an very wide range of options/granularity. This allows us to tailor the configurations differently for each of our federated domains.
- The Okta platform integrates extremely well with most SaaS/SAML platforms. This ability helps to ensure that we can easily enable SSO for our applications and can also disable a user's access to all assigned SSO apps with a single click.
- Okta offers us a range of MFA "factors" which also helps our end users stay secure despite different personal preferences.
Cons
- I'm not sure it's really a room for improvement thing, but due to the granularity offered by Okta, sometimes it can be challenging to find exactly what you're looking for.
- There was an instance in which we had issues getting SAML configured for an application. I feel this challenge was mostly user error (on our part) because we didn't realize the SAML instructions were SPECIFIC to each app integration and changed (codes) each time. We attempted to mirror the settings/configurations of an existing app (same app, but different domain). I think having a note somewhere that indicated that the instructions were unique to each integration would have saved us a bit of time. Again, I'm not sure this is really an issue with Okta though, more of a user learning curve thing.
- Sometimes searching for things is a challenge (without the "Rockstar" add-in). For example, if you have a user group called "Okta_users_everyone", searching for "everyone" will not find it. You have to search for the beginning of the object name (not just any part of it). The ability to search partial or wildcard would greatly enhance search functionality.
- The initial investment (CapX) on Okta seemed like a lot for our organization (with a limited IT budget), but the investment was 100% worthwhile. We were impressed with how easily/quickly it was up and running in our environment.
- Implementing Okta into our environment has greatly increased our security posture by granting us MFA and SSO. Having MFA helps to lower our Cyber Security Insurance premiums greatly as well.
- As with most IT Security tools, the costs of prevention far outweigh the costs of a compromise. Calculate the costs of a breach and then compare it to the costs of Okta, you will find Okta is an exceptional value for what it offers. Additionally, the ability to automate tasks saves a ton of time/money for us. For example, the integration with our HRIS system means that when HR terminates an employee, we can have Okta automatically disable their accounts and all SSO applications assigned to them. Previously this was a slow and manual process performed by our Service Desk technicians (at an hourly rate).
As previously mentioned in my other comments, our organization has over 30 companies and none of them operate exactly the same. The Okta platform offers us SSO integrations in a wide variety of environments (cloud-only, hybrid, on-prem). We mostly use SAML for our configurations and this allows us to add MFA to our tools/applications for increased security. Additionally we can easily "kill" access to all applications on an end user account immediately rather than having to locate which apps a user had and individually disabling them.
We have indeed used Okta support a handful of times and have been pleased with the level of support/knowledge. They also have "partners" that can assist, which we have used extensively for some of our implementations (such as HRIS integration). They are quick to respond and always end up resolving our issues/concerns.
When you rely on a product such as Okta for increased security of your environment, having the "5 nines" availability is imperative. We have not experienced any outages with our Okta implementation and are extremely happy to have such a reliable product/platform. The ability to rely on our identity provider is critical to ensuring our environments are protected.
We previously looked at Azure AD (now known as Microsoft Entra ID) for our IDP (Identity Provider). Okta has an interface that seems easier to navigate and configure than that of Entra ID. Additionally, the wide range of vendors/software that Okta supports made it an easy choice for our Identity provider.
Do you think Okta delivers good value for the price?
Yes
Are you happy with Okta's feature set?
Yes
Did Okta live up to sales and marketing promises?
I wasn't involved with the selection/purchase process
Did implementation of Okta go as expected?
Yes
Would you buy Okta again?
Yes
Comments
Please log in to join the conversation