Yes, Okta (often referred to as Octa) can track a user's location to determine whether they are in the office or working remotely.
Here's how it generally works:
Geolocation based on IP address: Okta utilizes services like Maxmind's file-based geolocation to identify the approximate location of a login request based on the user's IP address.
Okta Verify app: The Okta Verify app, if used, may also track location when the app is opened on a mobile device. This information can be used to assess the risk of a sign-in attempt by matching it against defined profiles.
Security policies based on location: Based on this location information, Okta can implement security policies to control access to resources. For example, access might be restricted or require multi-factor authentication if a login is initiated from an unexpected location.
Important Considerations:
Accuracy of IP geolocation: The accuracy of IP geolocation can vary, and it might not always be precise down to a specific street address. However, it is generally accurate at the country and state/region level.
Purpose of location tracking: Okta primarily uses location data for security purposes, such as detecting potentially risky sign-in attempts.
Privacy: Users should be aware that location tracking might occur, especially if using the Okta Verify app. Some organizations have policies in place to track employees' locations for compliance or productivity purposes.
In essence, Okta's ability to track user location through IP addresses and potentially the Okta Verify app enables it to differentiate between in-office and remote access attempts, contributing to a more secure and adaptable identity and access management system.
9 replies (most recent on top)
@cw The least of these reasons being that if there's ever a lawsuit involving your team, your personal phone is now open to discovery.
NEVER use your personal phone for work, here or anywhere else. If the company doesn't provide a phone, then I guess they don't get to reach you unless you're sitting in front of your computer.
Look into your state employee laws regarding downloading company info/apps on your personal phone. There maybe some protections. If so EH will need to provide a company phone or the yubi -key.
Zero chance this is going on my personal phone.
Are they really expecting us to put this on our personal devices or was that email sent out in error?
@bz - Agreed. EH property is theirs, your property is yours. No commingling should be accepted.
I knew there had to be a reason they were pushing this so hard.
Unsurprised
Also - I would never put it on a personal device!
@bq it’s not stupid, it’s necessary to keep us from being hacked. Many companies already do this. This has been rolled out poorly. I find it funny that leadership assumed we’d would all download this app to our personal phones no questions asked. EH has made our lives difficult for last few years and assumed we just blindly trust and comply . Uh nope.
Why are they even doing this? It's stupid. They already sent all available information around the world a hundred times over, so exactly what do they THINK they're protecting by requiring this? It's redonkulus.