Secure your password processes with OKTA and FastPass IVM

User verification in the service desk has security risks – make it secure with FastPass and OKTA

User authentication in Identity Verification Manager (IVM) with OKTA auth.

Okta FastPass Side Image
Hackers calling the service desk

The Risk

Your service desk receives calls all day long from users seeking assistance and access. Are all of the calls from real users – or can criminals / hackers exploit this channel?

Any hacker who gets access to internal systems can be a life-threatening experience for any enterprise. An obvious risk is the issuance of passwords from the service desk, but there are other transactions in the service desk where high risks are involved if we don’t know who is on the other end of the phone line.

The Problem

Hackers will use social engineering skills to talk your service desk supporters away from the official process of verification. Only with a forced workflow for password reset and other critical service desk transactions can you prevent skilled hackers from manipulating the supporters to give away your assets and access.

social engineering attacks service desks
users with okta verification

Users with OKTA Verification

If you have already invested in OKTA, then you can use OKTA for end-user verification in new and important security situations:

 

  • Verify end-user identity in the service desk
  • Authenticate users in self-service of password reset
user no okta verification

Users without OKTA Verification

If you have users in special departments or regions without OKTA verify, then these users can verify with other methods in FastPass with single factor or Multi Factor Authentication as you need.

okta fastpass users

FastPass Users

For the few users who still call the service desk FastPass offers a secure process for user verification at the service desk: FastPass Identity Verification Manager (IVM).

The Solution

When a call is initiated in your ITSM system (ServiceNow or other) then the ITSM system automatically transfers control to FastPass IVM. Now IVM verifies the end-user’s true identity. This is done according to rules set up by you. Only if the criteria are met will IVM grant the rights – be it a new password or any other asset.

With OKTA  you can request the end-user to authenticate using Okta push, Okta verify TOTP, Okta SMS, Okta Callback, Okta Email, Okta Google TOTP or Okta Challenge/Response security questions. The factors themselves can score different points.  You might use many other tokens or methods for verification built into IVM if the users don’t have OKTA.

OKTA FastPass solution for Identity Verification Manager IVM
youtube-video-thumbnail

The result is:

  • A secure verification
  • A complete audit logging for compliance review
  • All supporters will follow the exact same management decided process – even new supporters will be forced. (the process can differ per user)
  • Management can force new and better process instantly
  • Improve ROI for your OKTA investment
  • Prevent social engineering against the service desk and other support functions

Features

Different verification processes for different user groups, and different verifications depending on the network the user accesses from.

Oracle password system logos Active Dirctory IBM Google
OKTA FastPass Verification Methods

Easy integrated to modern ITSM systems

Available for on-premise and from FastPass Cloud

As a benefit, the supporters access to tools to do the functions outside IVM can be reduced. As an example don’t give the supporters privileged access to reset passwords.

How does it work?

You can have OKTA verify the users in many ways. When a user belongs to an OKTA group then FastPass, as part of the verification process, will ask OKTA to confirm the identity. This is done through the OKTA API.

FastPass instructs OKTA what credential to use for the authentication, or the ServiceDesk user can decide based on the availability the user has, and what factors the user has enroled with in OKTA. The customer can even give different security weight to the different credentials as needed.

Supported credentials now are:

  • OKTA VERIFY-PUSH
  • TOTP
  • SMS
  • Call Back
  • Email
  • Google TOTP
OKTA-API-Illustration2

Benefits of OKTA Integration

FOR SSPR

Self-Service Password Reset

  • Secure user identification with OKTA approved credentials in self-service
  • Differentiate identification process based on credential types ( SMS versus Authenticator)
  • Use OKTA knowledge for behavioral data (roadmap)

FOR IVM PASSSWORD RESET

Identity Verification Manager

  • IVM uses OKTA credentials for secure identification
  • Differentiate identification process based on credential types ( SMS versus Authenticator)
  • Uses OKTA knowledge for behavioral data (roadmap)

Frequently Asked Questions

Protect your Passwords today with FastPass

Get in touch with us today by filling up the form and our team will get back to you as soon as possible.

Get in Touch

Our team will get back to you as soon as possible.

Scroll to Top