single sign-on
Auto Added by WPeMatico
Auto Added by WPeMatico
End users tend to get a bad rap in the security business because they are often the weakest security link. They fall for phishing schemes, use weak passwords and often unknowingly are the conduit for malicious actors getting into your company’s systems. Okta wants to change that by giving end users information about suspicious activity involving their login, while letting them share information with the company’s security apparatus when it makes sense.
Okta actually developed a couple of new products under the umbrella SecurityInsights. The end user product is called UserInsights. The other new product, called HealthInsights, is designed for administrators and makes suggestions on how to improve the overall identity posture of a company.
UserInsights lets users know when there is suspicious activity associated with their accounts, such as a login from an unrecognized device. If it appears to involve a stolen password, he or she would click the Report button to report the incident to the company’s security apparatus where it would trigger an automated workflow to start an investigation. The person should also obviously change that compromised password.
HealthInsights operates in a similar fashion, except for administrators at the system level. It checks the configuration parameters and makes sure the administrator has set up Okta according to industry best practices. When there is a gap between the company’s settings and a best practice, the system alerts the administrator and allows them to fix the problem. This could involve implementing a stricter password policy, creating a block list for known rogue IP addresses or forcing users to use a second factor for certain sensitive operations.
Health Insights Report. Image: Okta
Okta is first and foremost an identity company. Organizations, large and small, can tap into Okta to have a single sign-on interface where you can access all of your cloud applications in one place. “If you’re a CIO and you have a bunch of SaaS applications, you have a [bunch of] identity systems to deal with. With Okta, you narrow it down to one system,” CEO Todd McKinnon told TechCrunch.
That means, if your system does get spoofed, you can detect anomalous behavior much more easily because you’re dealing with one logon instead of many. The company developed these new products to take advantage of that, and provide these groups of employees with the information they need to help protect the company’s systems.
The SecurityInsights tools are available starting today.
Powered by WPeMatico
The mainstream will never adopt blockchain-powered decentralized apps (dApps) if it’s a struggle to log in. They’re either forced to manage complex security keys themselves, or rely on a clunky wallet-equipped browser like MetaMask. What users need is for signing in to blockchain apps to be as easy as Login with Facebook. So that’s what Bitski built. The startup emerges from stealth today with an exclusive on TechCrunch about the release of the developer beta of its single sign-on cryptocurrency wallet platform.
Ten projects, including 7 game developers, are lined up to pay a fee to integrate Bitski’s SDK. Then, whenever they need a user’s identity or to transact a payment, their app pops open a Bitski authorization screen, where users can grant permissions to access their ID, send money or receive items. Users sign up just once with Bitski, and then there’s no more punching in long private keys or other friction. Using blockchain apps becomes simple enough for novices. Given the recent price plunge, the mainstream has been spooked about speculating on cryptocurrencies. But Bitski could unlock the utility of dApps that blockchain developers have been promising but haven’t delivered.
“One of the great challenges for protocol teams and product companies in crypto today is the poor UX in dApps, specifically onboarding, transactions, and sign-in/password recovery,” says co-founder and CEO Donnie Dinch. “We interviewed a ton of dApp developers. The minute they used a wallet, there was a huge drop-off of folks. Bitski’s vision is to solve user onboarding and wallet usability for developers, so that they can in-turn focus on creating unique and useful dapps.”
The scrappy Bitski team raised $1.5 million in pre-seed capital from Steve Jang’s Kindred Ventures, Signia, Founders Fund, Village Global and Social Capital. They were betting on Dinch, a designer-as-CEO who’d built concert discovery app WillCall that he sold to Ticketfly, which was eventually bought by Pandora. After 18 months of rebranding Ticketfly and overhauling its consumer experience, Dinch left and eventually recruited engineer Julian Tescher to come with him to found Bitski.
Bitski co-founder and CEO Donnie Dinch
After Riff failed to hit scale, the team hung up its social ambitions in late 2017 and “started kicking around ideas for dApps. We mocked up a Venmo one, a remittance app…but found the hurdle to get someone to use one of these products is enormous,” Dinch recalls. “Onboarding was a dealbreaker for anyone building dApps. Even if we made the best crypto Venmo, to get normal people on it would be extremely difficult. It’s already hard enough to get people to install apps from the App Store.” They came up with Bitski to let any developer ski jump over that hurdle.
Looking across the crypto industry, the companies like Coinbase and Binance with their own hosted wallets that permitted smooth UX were the ones winning. Bitski would bring that same experience to any app. “Our hosted wallet SDK lets developers drop the Bitski wallet into their apps and onboard users with standards web 2.0 users have grown to know and love,” Dinch explains.
Imagine an iOS game wants to reward users with a digital sword or token. Users would have to set up a whole new wallet, struggle with their credentials or use another clumsy solution. They’d have to own Ethereum already to pay the Ethereum “gas” price to power the transaction, and the developer would have to manually approve sending the gift. With Bitski, users can approve receiving tokens from a developer from then on, and developers can pay the gas on users’ behalf while triggering transactions programmatically.
Magik is an AR content platform that’s one of Bitski’s first developers. Magik’s founders tell me, “We’re building towards reaching millions of mainstream consumers, and Bitski is the only wallet solution that understands what we need to reach users at that scale. They provide a dead-simple, secure and familiar interface that addresses every pain point along the user-onboarding journey.”
Bitski will offer a free tier, priced tiers based on transaction volume or a monthly fee and an enterprise version. In the future, the company is considering doubling-down on premium developer services to help them build more on top of the blockchain. “We will never, ever monetize user data. We’ve never had any intent at looking at it,” Dinch vows. The startup hopes developers will seize on the network effects of a cross-app wallet, as once someone sets up Bitski to use one product, all future sign-ins just require a few clicks.

In August, Coinbase acquired a startup called Distributed Systems that was building a similar crypto identity platform called the Clear Protocol. A “login with Coinbase” feature could be popular if launched, but the company’s focus is to spread a ton of blockchain projects. “If [login with Coinbase] launched tomorrow, they wouldn’t be able to support games or anything with a unique token. We’re a lockbox, they’re a bank,” Dinch claims.
The spectre of single sign-on’s biggest player, Facebook, looms, as well. In May it announced the formation of a blockchain team we suspect might be working on a crypto login platform or other ways to make the decentralized world more accessible for mom and pop. Dinch suspects that fears about how Facebook uses data would dissuade developers and users from adopting such a product. Still, Bitski’s haste in getting its developer platform into beta just a year after forming shows it’s eager to beat them to market.

Building a centralized wallet in a decentralized ecosystem comes with its own security risks. But Dinch assures me Bitski is using all its own hardware with air-gapped computers that have been stripped of their Wi-Fi cards, and it’s taking other secret precautions to prevent anyone from snatching its wallets. He believes cross-app wallets will also deliver a future where users actually own their virtual goods instead of just relying on the good will of developers not to pull them away or shut them down.” The idea of we’ve never been able to provably own unique digital assets is crazy to me,” Dinch notes. “Whether it’s a skin in Fortnite or a movie on iTunes that you purchase, you don’t have liquidity to resell those things. We think we’ll look back in 5 to 10 years and think it’s nuts that no one owned their digital items.”
While the crypto prices might be cratering and dApps like Cryptokitties have cooled off, Dinch is convinced the blockchain startups won’t fade away. “There is a thriving developer ecosystem hellbent on bringing the decentralized web to reality; regardless of token price. It’s a safe assumption that prices will dip a bit more, but will eventually rise whenever we see real use cases for a lot of these tokens. Most will die. The ones that succeed will be outcome-oriented, building useful products that people want.” Bitski’s a big step in that direction.
Powered by WPeMatico
Steve Jobs used to famously end his keynotes with “there is one more thing…” AWS decided to wait a week after their re:Invent conference ended to announce their more thing when they quietly released a single sign on product for the AWS cloud yesterday.
While the announcement was pretty thin on details, it appears to be focused on providing single sign on for the AWS family of… Read More
Powered by WPeMatico
Google Cloud announced today that it has acquired Bitium, a company that focused on offering enterprise-grade identity management and access tools, such as single-sign on, for cloud-based applications. This will basically help Google better manage enterprise cloud customer implementation across an organization, including doing things like setting security levels and access policies for… Read More
Powered by WPeMatico
Okta, a company mostly known for cloud identity management, made a foray into enterprise mobility management (EMM) at the end of 2014. Today, it announced a partnership with Box to support device-level security for the Box mobile app. The company is hoping this is the start of a series of partnerships with enterprise mobile app vendors that will enable them to apply a set of policies on… Read More
Powered by WPeMatico