
Securing Okta Administrator Accounts

In light of a recent (October 2023) security incident on the Okta Customer Support system, and in the interest of helping the Okta community, we’ve written this article to provide help and guidance to ensure your Okta Identity Platform administrator accounts are as secure as possible.

1. What data was accessed during the breach?

a) All past and present Okta administrator usernames (and filtered profile information) that had a profile created in the Okta Customer Support system.
b) No passwords for the Okta Customer Support accounts were breached.
2. Actions and Advice

a) Ensure your Okta administrators have an MFA factor enrolled and are challenged for it every time they access the Okta Admin Dashboard.
b) Keep the number of Okta Administrator accounts to a minimum.
c) Ensure Okta Administrators are assigned only the least-privilege roles they need to perform their tasks.
d) Ensure the leavers process for Okta Administrator accounts is punctual and operating as expected.
e) Now is the perfect time to ensure staff have attended cyber security training (with a focus on phishing and social engineering).
f) Monitor authentication logs for an elevated number of FAILED logon attempts.
g) Enable the enhanced security options for Okta Administrators in all Okta tenants (not just production).
h) Send communications to all Okta Administrators (any user with elevated privileges, not just Super Admins) asking them to be extra vigilant for MFA fatigue, phishing, and social engineering.
3. Features to Enable

a) MFA for Okta Administrator authentication.
b) Enable the Bind Admin Sessions to Autonomous System Number (ASN) feature to prevent the use of tokens copied from the originating admin device networks.
c) Enable the Okta Admin Console session management feature (available in production from 4th Dec'23).
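The log monitoring advice in item 2(f) and the ASN binding in item 3(b) can both be backed by a check over exported Okta System Log events. The following Python script is an added example written for this article, not Okta's code or a tool from the original post: it flags actors with a burst of FAILED session starts inside a time window, and actors whose successful Admin Console access (event type user.session.access_admin_app) arrives from more than one autonomous system. Field names follow the Okta System Log schema; the sample events, the thresholds, and the example.com accounts are constructed for illustration.

```python
"""Detection checks over Okta System Log events (constructed sample data)."""
from collections import defaultdict
from datetime import datetime, timedelta


def _event(actor, event_type, result, ip, asn, published, reason=None):
    """Build a minimal Okta System Log-shaped event (constructed, not real tenant data)."""
    return {
        "eventType": event_type,
        "published": published,
        "actor": {"alternateId": actor, "type": "User"},
        "outcome": {"result": result, "reason": reason},
        "client": {"ipAddress": ip},
        "securityContext": {"asNumber": asn},
    }


# Constructed sample events; ASNs and addresses are documentation/example values.
SAMPLE_EVENTS = [
    # admin1: six failed logons within five minutes
    *[_event("admin1@example.com", "user.session.start", "FAILURE", "198.51.100.10", 64496,
             f"2023-10-20T09:0{i}:00.000Z", "INVALID_CREDENTIALS") for i in range(6)],
    # admin2: two failures, then Admin Console access from two different ASNs
    _event("admin2@example.com", "user.session.start", "FAILURE", "203.0.113.5", 64511,
           "2023-10-20T10:00:00.000Z", "INVALID_CREDENTIALS"),
    _event("admin2@example.com", "user.session.start", "FAILURE", "203.0.113.5", 64511,
           "2023-10-20T10:01:00.000Z", "INVALID_CREDENTIALS"),
    _event("admin2@example.com", "user.session.access_admin_app", "SUCCESS", "203.0.113.5", 64511,
           "2023-10-20T10:02:00.000Z"),
    _event("admin2@example.com", "user.session.access_admin_app", "SUCCESS", "192.0.2.77", 64496,
           "2023-10-20T10:03:30.000Z"),
    # admin3: routine Admin Console access from a single ASN
    _event("admin3@example.com", "user.session.access_admin_app", "SUCCESS", "198.51.100.20", 64496,
           "2023-10-20T11:00:00.000Z"),
]


def _parse_ts(published):
    """Okta publishes ISO 8601 timestamps with a trailing Z; make them timezone-aware."""
    return datetime.fromisoformat(published.replace("Z", "+00:00"))


def failed_logon_bursts(events, threshold=5, window=timedelta(minutes=10)):
    """Return {actor: peak_count} for actors with >= threshold FAILURE session starts
    inside any sliding window of the given length (constructed threshold)."""
    per_actor = defaultdict(list)
    for e in events:
        if e["eventType"] == "user.session.start" and e["outcome"]["result"] == "FAILURE":
            per_actor[e["actor"]["alternateId"]].append(_parse_ts(e["published"]))

    flagged = {}
    for actor, times in per_actor.items():
        times.sort()
        start, peak = 0, 0
        for end, t in enumerate(times):
            # Slide the window start forward until it fits within `window` of `t`.
            while t - times[start] > window:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            flagged[actor] = peak
    return flagged


def admin_console_multi_asn(events):
    """Return {actor: sorted ASNs} for actors whose successful Admin Console access
    spans more than one autonomous system (the condition ASN binding guards against)."""
    asns = defaultdict(set)
    for e in events:
        if e["eventType"] == "user.session.access_admin_app" and e["outcome"]["result"] == "SUCCESS":
            asn = e["securityContext"].get("asNumber")
            if asn is not None:
                asns[e["actor"]["alternateId"]].add(asn)
    return {actor: sorted(s) for actor, s in asns.items() if len(s) > 1}


if __name__ == "__main__":
    print("Failed logon bursts:", failed_logon_bursts(SAMPLE_EVENTS))
    print("Admin Console access from multiple ASNs:", admin_console_multi_asn(SAMPLE_EVENTS))
```

In practice the events would come from the System Log API or a SIEM export rather than the inline list; the sliding window keeps a slow, spread-out trickle of failures from tripping the threshold while still catching a concentrated burst against one administrator.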

Follow the guidance in the Okta-produced YouTube video below to enable the latest security features for securing Okta Administrator accounts.

Note: The Admin Console session management feature will be released to production Okta tenants on the 4th December 2023.

The following video, created by Innovate IT Ltd, walks through the process of enabling admin ASN blocking in the Features section and making sure the Okta Admin app has MFA enabled.