Comment on No, Okta, senior management, not an errant employee, caused you to get hacked
vin@lemmynsfw.com 1 year ago
If anyone here is a security expert, can you tell me if the following should have been done by default?
- Binding Okta administrator session tokens based on network location (Complete)
Okta has released session token binding based on network location as a product enhancement to combat the threat of session token theft against Okta administrators. Okta administrators are now forced to re-authenticate if we detect a network change. This feature can be enabled by customers in the early access section of the Okta admin portal.
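As an added illustration (not Okta's code and not part of this thread), here is a minimal Python session store that does what the quoted enhancement describes: each admin session is bound to the network it was issued from, and a request arriving from a different network kills the session and forces re-authentication. Using a /24 (IPv4) or /64 (IPv6) prefix to stand in for "network location" is an assumption of this example.

```python
import ipaddress
import secrets
import time

# Constructed example: admin sessions are bound to the client's network prefix
# at login. The prefix width (/24 for IPv4, /64 for IPv6) is an assumption; a
# real product would use richer signals (ASN, device binding, and so on).


class NetworkChanged(Exception):
    """Raised when a request comes from a different network than the one bound at login."""


def network_of(ip: str) -> str:
    """Reduce a client IP to the network prefix the session is bound to."""
    addr = ipaddress.ip_address(ip)
    prefix = 24 if addr.version == 4 else 64
    return str(ipaddress.ip_network(f"{ip}/{prefix}", strict=False))


class SessionStore:
    def __init__(self, ttl_seconds: int = 3600):
        self.ttl = ttl_seconds
        self.sessions = {}  # token -> {"user", "network", "expires"}

    def login(self, user: str, client_ip: str, now=None) -> str:
        """Issue a fresh token bound to the network the login came from."""
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)
        self.sessions[token] = {
            "user": user,
            "network": network_of(client_ip),
            "expires": now + self.ttl,
        }
        return token

    def validate(self, token: str, client_ip: str, now=None) -> str:
        """Return the user for a valid token, or invalidate it and raise."""
        now = time.time() if now is None else now
        sess = self.sessions.get(token)
        if sess is None or now > sess["expires"]:
            self.sessions.pop(token, None)
            raise KeyError("no valid session; re-authenticate")
        seen = network_of(client_ip)
        if seen != sess["network"]:
            # Network changed: drop the session so a token replayed from
            # elsewhere is useless, and make the user log in again.
            del self.sessions[token]
            raise NetworkChanged(f"{sess['user']}: bound to {sess['network']}, seen from {seen}")
        return sess["user"]
```

Note that once the network check fails the token is dead for the original network too, which is the point: a replayed token buys an attacker nothing and the legitimate admin simply re-authenticates.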
whoisearth@lemmy.ca 1 year ago
Not infosec, but I work with them closely, and this makes sense. If my laptop gets stolen or compromised, it's more likely to occur outside of the office or a VPN session. If I have sessions established with admin, I 100% want them to forcefully log out if my network changes. This would prevent a common scenario of bad actors using a pre-existing admin session.
vin@lemmynsfw.com 1 year ago
Yes, it makes sense. Can not doing it be considered gross negligence?
whoisearth@lemmy.ca 1 year ago
What negligence? If I read the policy change by Okta, they're ensuring the security of killing an admin session if the network changes.
vin@lemmynsfw.com 1 year ago
Thanks!