Okta Meets CDM Phase 2: Least Privilege and Infrastructure Integrity

okta cdm

Okta Inc, a cloud-based foundation for secure connections between people and technology, has tools to address the requirements outlined in phase 2 of the Department of Homeland Security’s Continuous Diagnostics and Mitigation (CDM) program.

The CDM program, founded in 2013, provides federal departments and agencies with capabilities and tools that identify cybersecurity risks on an ongoing basis and prioritize these risks based on potential impacts while enabling cyber personnel to mitigate the most severe problems first.

CDM is divided into three defined phases with a potential fourth phase to be announced in the near future. Phase 2 centers around “who is on the network” and provides tools that manage access control, security-related behavior management, credentials and authentication management, and privileged access management.

Okta currently address all four of these components within phase 2 and allows users to access applications on any device at any time while still enforcing strong security protections. Government agencies can now use the CDM vehicle and Okta to address their critical identity and access- management needs.

Okta addresses phase 2 (TRUST, BHVE, CRED and PRIV) in the following ways:

  • Single Sign-On with delegated authentication to Active Directory with Okta’s Universal Directory
  • Adaptive Multifactor Authentication
  • Self-Service Password reset, centralized logging and reporting
  • Provisioning and Decommissioning of user accounts in applications
  • Enterprise Mobility Management
  • PIV/CAC support

As government agencies continue to migrate critical resources to the cloud, it becomes imperative that users are able to securely access these applications from any device while also providing peace of mind that each identity has been verified.

The CDM program in conjunction with Okta is a great way for agencies to address cybersecurity initiatives outlined in the Cybersecurity National Action Plan (CNAP).

Related Articles