Scattered Spider Attacks on Aviation: 3 Mitigations to Deploy Today ->
Self-service Okta enrollment, recovery and re-authentication with Deepfake Defense™ identity verification. Eliminate IT tickets, enhance account security, and improve user experiences.
How to use it
North Korean operatives and other bad actors are posing as remote IT workers to infiltrate companies around the world. Once hired and onboarded, they funnel money back to the North Korean regime, steal company data and secrets, and deploy ransomware. In fact, Gartner predicts that 1 in 4 job candidates will be fake by 2028.
Nametag uncovers North Korean IT workers and other bad actors before they can set passwords and enroll in multi-factor authentication with Okta and your other identity directories. Deepfake Defense™ identity verification prevents imposters from continuing, while legitimate users can proceed to provision their accounts without IT support. Only Nametag protects both password and MFA enrollment.
By default, Okta allows administrators to enable self-service password reset (SSPR) with authentication performed via email or SMS + a security question. This is convenient for users, but email and SMS are notoriously easy to intercept or exploit, and security questions can't be trusted since the answers are readily available online. To reset a user’s multi-factor authentication, an Okta admin must use the admin console to do it manually, creating an enormous burden and cost for IT support teams.
Nametag covers these gaps with self-service account recovery backed by Deepfake Defense™ identity verification. Employees simply verify their identity with Nametag, then reset their Okta passwords and MFA, all on their own. Deepfake Defense stops AI-powered bad actors, while self-service workflows eliminates the need for helpdesk intervention. What's more, Nametag works across all of your identity directories. So if you use another identity provider on top of Okta, you're covered with Nametag.
Okta account lockouts can be annoying and costly. They affect employees, helpdesks, IT and security teams alike. The lockout challenge is a hard one to solve: if IT makes it too easy to unlock an account, threat actors could exploit this. But if the unlock process is too long and cumbersome, frustrated employees will make their voices heard.
Nametag provides a more flexible, more secure way to enable self-service Okta account unlocks. Employees quickly verify their identity using Nametag’s ultra-secure solution and then unlock their own account. It's fast and intuive for users, using only what they already have in their pocket: their smartphone and their photo ID.
Okta offers many options for fulfilling MFA policies. But all of them can be exploited via bypass kits, push fatigue, classic phishing, and other common attack methods. Even phishing-resistant MFA factors can be bypassed by calling your helpdesk. And every Okta MFA factor requires a reset if a person changes their phone.
Nametag can be used as an external authentication method (MFA factor) for Okta. Use Nametag as the second MFA factor at high-risk moments like accessing your Okta admin environment, or when you detect suspicious behavior like potential North Korean IT workers. Nametag creates a higher level of assurance and is more flexible than any other MFA method. Even if someone loses or changes their phone, they can still verify themselves through Nametag without having to be pre-enrolled or download an app.
.png)
