Identity-based cyber attacks continue to prevail and impact organizations. Stealing credentials was the top initial action in breaches, according to Verizon. Plus, 84% of identity stakeholders surveyed said identity-related incidents directly impacted their business, resulting in reputational damages, distraction from core business, and increased recovery costs.

It is more important than ever to safeguard sensitive data from identity-based attacks. For this, defenders need threat context from their security tools combined with data context – information on what is being targeted. To help with this challenge, Rubrik has partnered with Okta. Rubrik Security Cloud will provide Okta Identity Threat Protection with critical user context to accelerate threat detection and response. In this blog, you will learn about the key components of this integration from Rubrik and Okta and why organizations can benefit from it.

A Key to User Risk Assessment: Monitoring Changes in Sensitive Data Access

When it comes to safeguarding data from identity-based attacks, knowing which users have access to sensitive data and how user access changes over time are important.

Rubrik Security Cloud provides organizations with unparalleled visibility into user access to sensitive data. It identifies and analyzes user access factors and changes to these factors, individually and in combination. Depending on the level of sensitivity of data a user can access, the user will be assigned a certain risk score (high/medium/low/none). 

Rubrik can detect changes in access to sensitive data, enabling accurate and timely risk level assessments. This functionality is crucial for organizations to maintain control over their data, enforce least privileged access, and ensure that only authorized users have access to sensitive information.

Empowering Okta with Critical User Risk Context to Effectively Detect and Respond to Identity-Based Threats

Rubrik shares with Okta important user context such as email and the types of sensitive files they have accessed. By combining Rubrik's user access risk signals with threat context from other security products used by an organization (e.g. Endpoint Detection and Response or EDR), Okta can determine overall risk levels more effectively and automate threat response actions to mitigate identity-based threats.

Shown in the diagram is a high level overview of how the integration works:

  1. Rubrik knows the user’s identity based on information from Microsoft Active Directory

  2. Rubrik Security Cloud assigns the user a risk level based on  the sensitivity of the data they can access.

  3. When Rubrik detects a change in a user’s risk level, it shares this with Okta Identity Threat Protection, which can then take a response action.
     

Rubrik + Okta


Okta Automated Threat Response

When Okta Identity Threat Protection combines Rubrik's user risk signals with other security signals, Okta can accurately determine overall risk levels and automate threat response accordingly. For example, it can take actions on a high-risk user such as logging them out of a certain device or requiring re-authentication. These remediation steps help mitigate potential threats by revoking access or prompting additional verification when suspicious activity is detected. Upon learning about user risk changes, Okta can take an action on potential threats, reducing the operational burden on security teams.

Benefits of the Rubrik and Okta Integration

The integration of Rubrik Security Cloud with Okta Identity Threat Protection offers several significant benefits for organizations seeking to enhance their data protection and streamline threat response processes. 

Firstly, it provides continuous visibility into user access to sensitive data, enabling organizations to monitor changes in access permissions and accurately assess risk levels in a timely manner. This helps them maintain control over sensitive data.

Secondly, the integration facilitates faster threat response and remediation. By seamlessly sharing user risk level changes to Okta Identity Threat Protection, the integration enables Okta’s automated remediation actions, such as logging out users or requiring re-authentication. This proactive approach significantly accelerates threat response, thereby enhancing the overall security posture of the organization.

Additionally, the integration alleviates the operational burden on security teams. By Okta helping automate response actions, security professionals can focus their efforts on more strategic tasks, rather than being overwhelmed by manual processes. This increased efficiency translates into improved productivity and a more effective allocation of resources.

Finally, the Rubrik-Okta integration fosters enhanced visibility across the security ecosystem. By combining Rubrik's user access risk signals with threat intelligence from other security products, Okta can determine overall risk levels more effectively. This comprehensive risk assessment enables organizations to gain a holistic view of their threat landscape, allowing for more informed decision-making and proactive threat mitigation strategies.

Pioneering Integration and Innovation

Rubrik is the first and only data security platform vendor to integrate with Okta Identity Threat Protection. The integration leverages OpenID Foundation Shared Signals Framework. By utilizing this framework for receiving user risk signals from Rubrik, Okta can then automate response and remediation, thereby providing a proactive stance against potential security threats. By leveraging Rubrik's data security capabilities and Okta's identity protection solutions, the integration aims to set a new standard in identity threat response.

To learn more be sure to check out our upcoming webinar!

 

 

Safe Harbor
Any unreleased services or features referenced on this page are not currently available and may not be made generally available on time or at all, as may be determined in our sole discretion. Any such referenced services or features do not represent promises to deliver, commitments, or obligations of Rubrik, Inc. and may not be incorporated into any contract. Customers should make their purchase decisions based upon services and features that are currently generally available.