鈥淒epth鈥 is the watchword as we begin 2024 with a deeper focus on device management capabilities and the convergence between devices and identities. We鈥檙e providing admins powerful access and new ways of working with the open directory platform, including enhanced security, expanded role-based access, as well as even greater IT efficiency via automations and workflows.
We鈥檒l be focusing on three major themes throughout the year: identity, access, and devices.
Identity
Think of 探花大神 as a switchboard that connects you to disparate resources, even if you use a different identity provider (IdP), and offers useful insights and reporting. We鈥檙e making Active Directory (AD) delegation work better for organizations that are required to keep their authentication store on premises. The platform will also work even more seamlessly with Google Workspaces as part of our ongoing partnership to deliver the best possible combination of productivity and access management for small and medium-sized enterprises (SMEs).
We鈥檙e also making it possible for you to federate with other directories like Okta. There鈥檚 the option to use the IdP that you want while leveraging 探花大神鈥檚 cross-OS device management. All users will benefit from the inclusion of dynamic group operators, which save admins time and improve security by making 探花大神 a more workflow enabled platform.
Active Directory Delegation
- We鈥檙e simplifying delegated authentication with AD with workflows that will connect the dots for admins.
- You鈥檒l be able to install agents in multiple places to avoid a single point of failure. We鈥檙e enhancing the architecture to ensure the availability of the integrated solution.
- We鈥檙e also adding Windows 2022 Server support.
This is a more economical solution than integrating AD with Okta or contending with the high administrative overhead and complexity of using and managing AD FS.
Dynamic Groups Operators
Dynamic groups bind users to resources and ensure that access policies are applied accurately. This is typically a manual effort, which dynamic groups simplify in line with evolving business requirements. Conditions like Department 鈥渆quals鈥 Sales will add greater extensibility to support changing business requirements. Custom objects will be added over time as 探花大神 progresses toward being a workflow-friendly platform to maximize IT efficiency.
Note: The real-world benefit is that an admin could simply create one user group that 鈥渃ontains鈥 everyone in sales instead of making multiple user groups for each region.
Google Workspace User Scheduled Updates
New users, created on the Google side, no longer need to be added on a case-by-case basis. Dynamic groups will give Google Workspace users automatic access to resources.
Try this to see how swiftly you can sync Google Workspace with 探花大神鈥檚 open directory.
External Identity Federation
An admin may really like their existing IdP, but not every IdP provides its customers with integrated cross-OS device management. Directory federation enables you to bring your own identity to 探花大神 and seamlessly shorten time to value while achieving Zero Trust security.
Note: Okta doesn鈥檛 provide unified endpoint management. Admins can plug in 探花大神 using federation for the assurance of healthier device postures.
Access
探花大神 Go鈩, a passwordless and phishing-resistant credential, protects and secures access to your resources. It鈥檚 positioned at the intersection of identity and device experiences, and will soon be more deeply integrated throughout the platform and more available to use. We鈥檙e extending conditional access policies for step-up authentication, with 探花大神 Go to reinforce it. We鈥檒l also be providing ways to consume 探花大神 features like push MFA, for privileged access, from beyond the admin console with the introduction of secure, headless access.
探花大神 Go: Step-Up Conditional Access, Linux, and More Browsers
Security and user experience no longer have to be at odds. 探花大神 Go solves that problem by ensuring security with modern authentication while eliminating the prevalence of passwords and MFA fatigue. Its secure and frictionless access will extend to step-up authentication whenever you want an additional layer of verification. 探花大神 Go will also offer more support for heterogeneous environments by extending its protection to Linux. And browser plug-ins will soon be available for Microsoft Edge, Firefox, and Safari. It will also work with other Chromium-based browsers.
On-Demand Push from 探花大神 Protect (API)
API integration will make it possible to seamlessly leverage 探花大神 wherever you may need it to support your evolving business requirements. For example, an admin could use 探花大神 Push MFA to extend a risk management platform to validate users before access is granted.
Temporary Elevated Access
Least privilege is an important security practice, but there are situations when a user may require admin rights (it鈥檚 almost always printers). We鈥檙e introducing privilege management that鈥檚 as-needed, and fully audited, to grant elevated permissions on a fully managed basis.
Directory Insights will help you track events with a full audit trail for your compliance lifecycle. Privilege management will simplify support while ensuring strong entitlement management and identity governance (IGA).
探花大神 Password Manager, More Directory Insights Events
Enhanced auditability and traceability is coming to 探花大神 Password Manager. You鈥檒l soon have a full account of the access and activity of specific folders within Directory Insights. We鈥檒l provide simple and user-friendly visibility so that password sharing doesn鈥檛 go unmonitored.
Check out this simulation for a .
Billing Only Admin Role (LIVE)
We鈥檙e introducing role-based access control (RBAC) within the admin console. For example, a new billing role will provide visibility for your finance team without providing global permissions.
Devices
Customers asked for it, and 探花大神 is going deeper with its cross-OS device management capabilities. Expect more reporting on apps and devices, simplified onboarding experiences, and a greater focus on application lifecycle management to come. You鈥檒l have a better understanding of device health and more optionality for managing all of your devices.
Windows Lite Provisioning (LIVE)
探花大神 will help you to achieve a significant step forward in how you manage Windows endpoints. Your new hires will be provisioned as soon as 5-10 minutes from when they unbox their equipment. The device prepares itself, and mobile device management (MDM) makes it possible for users to sign in and create their own accounts, without any admin involvement. You can streamline the staging process even further by working with your OEM vendor to drop ship pre-imaged devices directly to users. 探花大神鈥檚 security just works on the backend.
Private Repo GA, Updates for Win/macOS Stores, MTP Support
Apps are a lifeline for customers. We鈥檙e making it possible to deploy custom applications across your Windows and Mac fleets in a consistent manner. An application repository will include a mechanism to deliver periodic updates. App management will initially be a manual process, with hashing to ensure the integrity of your files. Interoperability with app stores is the next step; the repository will also work hand-in-hand with MDM services as we iterate and enhance it.
Advanced Android Policies
探花大神 is delivering a seamless, secure access experience for Android. We鈥檒l make it simple to be enterprise ready by expanding 探花大神鈥檚 existing rich set of policies to support additional scenarios like VPN and Wi-Fi configurations, and app-based restrictions.
Android Better Together Enterprise
It鈥檚 not always practical to use a Gmail account for Android mobility. That鈥檚 why 探花大神 is making it possible to use enterprise credentials instead … Just sign up with a Google Workspace corporate account and add it to your device(s). This will ensure a consistent access experience across the device and beyond via 探花大神鈥檚 single sign-on (SSO) to everything.
iOS VPP App for BYO Enrollment
We鈥檙e also working to ensure that you can provide a secure and seamless 探花大神 experience on personal devices with access to business apps. We鈥檒l use containerization to preserve privacy for personal data while keeping the contained environment where corporate apps reside secure. Admins will have visibility into the container with nothing that鈥檚 personal getting exposed.
See what it鈥檚 like to .
Early Access and Feature Requests
Dive into these features through 探花大神鈥檚 EA programs. We鈥檙e also continually seeking your feedback and ideas: we’ve received over 158 requests since the start of the year.
If you want to learn more about what鈥檚 coming drop us a note or sign up for a free demo. We鈥檇 be happy to talk you through the capabilities and solutions that 探花大神鈥檚 open directory platform can provide. Your account manager can sign you up for early access to try out the upcoming features that interest you the most; your feedback will help to shape the product.
