• whoisearth
    link
    fedilink
    English
    arrow-up
    11
    ·
    1 year ago

    Not infosec but work with them closely this makes sense. If my laptop gets stolen or compromised it’s more likely to occur outside of the office or a VPN session. If I have sessions established with admin I 100% want them to forcefully logout if my network changes. This would prevent a common scenario of bad actors from using a pre existing admin session.

      • whoisearth
        link
        fedilink
        English
        arrow-up
        4
        ·
        edit-2
        1 year ago

        What negligence? If I read the policy change by Okta they’re ensuring that security of killing an admin session if the network changes.

        Edit - unless you mean not mandating the feature by default? As a SaaS solution Okta is set to provide the tools for any company to use which they’re doing. They provide the ability to enable tighter security but it’s not their problem to solve. They could argue successfully that a company can and should enable their own security provisions that may overlap.

        To use non-IT terms, Okta is providing a box of knives to a teacher. The expectation is the teacher ensures if the kids can use the knives or not. Okta can take out the sharpest knives if you ask them to but you have to ask.