At its Oktane conference, Okta is championing the adoption of phishing-resistant multi-factor authentication methods amid increasingly sophisticated cybersecurity threats, according to SC Media.
"We really want to bring people on that journey, get away from SMS and push notifications. We haven't collectively in a unified way attacked this," said Okta Deputy Chief Security Officer Charlotte Wylie, who also noted the company's rollout of the new Interoperability Profile for Security Identity in the Enterprise standard to be in line with its goal to eliminate poor MFA practices.
Other executives have also urged improved user and device governance and verification during the conference. These recommendations follow an advisory from the UK’s National Cyber Security Centre recommending the organizational evaluations of MFA setups.
"Attackers have realized that many of the same social engineering techniques that tricked us into handing over passwords can also be updated to overcome some methods of MFA. We have seen the success of attacks against MFA-protected accounts increasing over the past couple of years," said the NCSC.
