A global pharmaceutical company needed help. The client’s major concern was for the online safety of their workforce. Quick action was required to:
- Reduce information security risks in relation to social engineering for helpdesk calls;
- Prevent fraudulent attacks against Okta;
- Complete an assessment of end user awareness for phishing.
The client’s automation requirement could not be met by the native Okta solution, but our team of experts at Atlas Identity believed the necessary functionality could be built using Okta Workflows, instead of buying a new solution. This is how…
step 1
A phishing simulation workflow was built to detect staff’s ability to resist phishing attempts. The simulation sent unsolicited ‘Okta Verify Push’ events to determine if staff will click on an unexpected MFA prompt. Following the assessment, a report was sent back to the client to identify areas of staff training.
step 2
A helpdesk user validation workflow was introduced to determine customer verification. This change significantly protected the helpdesk against user impersonation, and substantially reduced fraudulent attacks.
step 3
An ‘Okta Under Attack’ workflow was designed to notify a client contact urgently in the event of any intrusion.
progress
Following the success of combatting fraudulent attacks on the client, the Okta SSO and MFA policies were adapted to meet the expanding business demands. The client is now committed to using Okta Workflows for any future automation requirements.