The leaves are changing, the nights are getting cooler, and the end of the year is fast approaching. For many, the focus right now is ending the year strong, while at the same time, starting to plan for 2022. That’s why it’s extremely important to assess the benefits you have realized over the past year with your identity provider.
And you’re in luck! We’ve got some awesome new updates for you that will help demonstrate the value OneLogin provides so that you can continue to drive operational excellence and improve security within your organization.
Our Fall 2021 Release highlights new features and functionality that enable you to further customize password reset flows, build complex identity automation at scale, improve user adoption of MFA, gain valuable insights into the security posture of your environment, and much more! These new features and capabilities span three key areas:
Read on to find out more!
What are we announcing?
Although the adoption of hybrid work models has greatly benefited organizations and their employees in terms of increased flexibility and higher productivity, security obstacles will continue to keep IT & Security teams on their toes in the months to come. In fact, the UN recently reported that cybercrime is up 600% since the start of the global pandemic. The key is to offer your users the flexibility they need to get access to everyday resources critical to the business without increasing additional security risks.
- Smart Access User Policies: Smart Access allows you to reduce threat exposure by restricting access based on the user’s location or if they exhibit an unusual pattern of behavior. First-time users, however, will be able to gain authorized access to resources without getting blocked due to high risk. This helps you enforce access denial for logins that are truly high risk and decrease the amount of help desk tickets associated with account lockout for first-time users until the system learns that the user’s behavior over time.
- Custom Values for MFA Factors: Allow end users to enter a custom value (e.g. phone, email) when registering for email, SMS, or Voice MFA. This provides them with the flexibility to define their own custom values for MFA factors, such as personal email, without requiring the email to be validated and stored in your IT directory.
- OpenID Connect (OIDC) Signing Keys Rotation: Improve security for your OIDC applications with the ability to rotate the keys used to sign JWT ID and Access Tokens. This feature allows you to cycle signing keys out of rotation or revoke them immediately. Best practice recommends you rotate your signing keys every 6 months.
In this release, we have added new administration features that empower you to gain more insights into your Active Directory (AD) configuration, support AD/Azure AD hybrid domain join, as well as build complex identity automation at scale.
- Active Directory Connector (ADC) Telemetry: We added a new Sync Status column that provides additional telemetry information for each configured AD Connector. This allows you to gain insights into your ADC configuration to proactively troubleshoot any issues related to connectivity, syncs, health, etc.
- Hybrid AD/Azure AD Domain Join: Learn how to set up Microsoft Hybrid Azure Active Directory Join with OneLogin. This allows you to improve the management of Windows devices on Azure while maintaining connectivity to on-prem AD, which is already federated to OneLogin. Check out our new configuration doc!
- OneLogin Workflows and Universal Connector: Reduce the complexity of integration projects and automate complex IT workflows across different cloud and on-prem systems–all without requiring additional developer resources. Automate more advanced lifecycle management processes using time-based actions and custom notifications to provide quick access to the applications your users need, while reducing the risk of a breach due to lingering access.
- Delegated Administration: Create custom privilege sets for users with the ability to scope down permissions to specific users, roles, apps, events, and reports. By delegating administrative access to various parts of the organization at a granular level, you can enforce the Zero Trust principle of “least privilege access” and balance productivity with defending against security threats.
- Admin Insights Dashboard: Demonstrate the value of your Identity and Access Management program with a dashboard that displays data across the user base. Improve your security posture by tracking certificates, login activity, and potential opportunities to convert apps to SAML. Quick links allow you to easily provide standardized reports on a regular basis to other stakeholders across your organization.
- New Provisioning Connectors: We added SCIM connectors for Vonage, Calendly, Twingate, Clarizen to enable automated user provisioning in OneLogin.
As the demand to provide fast, highly streamlined login experiences increases, IT teams are looking for more customization possibilities from their identity provider. From new user registration to self-service password reset, each step of the login process needs to be optimized and fully transparent to the end-user.
- Password Reset Flow Customization: We have added several new enhancements that allow you to further customize password reset flows. You can now build a custom password reset flow from any page, which can then redirect users to a defined URL. We also have added a direct link to allow admins to provide a URL that directs the end-user to the Forgot Password page only. Additionally, you can decide whether you want to hide the Forgot Password link on the login screen. As a result, you can provide a more unified login experience for end-users that is consistent with your custom-built pages.