The Australian Football League (AFL) has made significant progress in protecting its digital identities and safeguarding sensitive information by leveraging Okta’s innovative solutions to score big on both security and operational efficiency.
In a recent iTnews podcast, Rob Pickering, CTO of the AFL, and Phil Goldie, vice-president and managing director of Okta ANZ, shared insights into this transformative journey.
Pickering highlighted the complex security challenges faced by the AFL before implementing Okta’s solutions.
“We face the same issues as many organisations, with a rapidly evolving threat surface and a plethora of business applications that need to be secured,” Pickering said.
He emphasised the importance of knowing who is accessing systems and when, as the AFL moved to cloud-based applications and a more dispersed work environment.
Moving all applications behind Okta was a significant shift for the AFL, driven by the need for a seamless employee experience and robust security measures.
“Our staff need to know only one portal to log into,” said Pickering. “This simplifies onboarding and ensures that all applications are accessible at a single click, enhancing both security and user experience.”
A Single AFL Identity for Fans
Notably, AFL’s goal of establishing a single digital identity for its 11 million fans is a major initiative aimed at improving fan engagement.
“We want all fans to have a frictionless experience when engaging with the AFL’s digital assets,” Pickering said. By consolidating multiple digital identities into a single AFL ID, the organisation aims to provide personalised experiences and gather valuable insights about fan preferences.
“Our goal is to ensure that if you’re engaging with the AFL for any reason, you’ll have one ID to rule them all.”
Like Pickering, Okta’s Goldie highlighted the importance of reducing friction in security processes to maintain user engagement.
“Friction costs adoption. When introducing additional levels of security, it’s crucial to ensure that user experience doesn’t suffer,” Goldie said. “The intelligence of cloud-based identity platforms like Okta helps balance security and usability effectively.”
“On the employee side, while people must access systems to perform their roles, increased friction can lead them to seek ways around security measures. This has been a longstanding challenge for organisations. The distinction between internal and external friction is crucial, and it’s noteworthy how the AFL addresses both aspects differently, yet consistently, in their identity deployment strategy,” Goldie said.
“This approach goes beyond security; it’s also about enhancing the employee experience through tools like Okta.”
‘Adaptive MFA’ balances security with usability
The AFL now benefits from Okta’s multifactor authentication (MFA) and identity governance, which streamline user account management and enhance security.
“MFA is probably one of the most important, if not the most important, thing you can do to protect your environment,” Pickering said. “With MFA, even if a username and password are compromised, a second factor is required to access the system.”
Ultimately, Pickering said “adaptive MFA,” as implemented by the AFL, balances security with usability, ensuring that users face minimal friction while maintaining robust security.
Okta’s Goldie said MFA technologies for both customer and workforce identity will likely continue to gain momentum over the next 12 to 18 months. Almost every breach seems to stem from failed usernames, passwords, or credentials.
Adaptive MFA, in particular, “strikes a balance by ensuring that the right factors are used for the right access without making the user experience so inefficient or poor that people look for ways around the security measures. Cloud-based identity platforms bring intelligence to MFA, which can accelerate technology adoption,” said Goldie.
Unlocking ‘Competitive’ Edge
Goldie highlights that beyond adaptive MFA, Okta’s dedication to independence and neutrality provides another competitive edge.
“It’s a foundational principle since our inception and remains a central focus moving forward. Many of our current customers and businesses, including organisations like the AFL, recognise the importance of clearly defining boundaries between applications while ensuring robust security and governance,” Goldie said.
“In today’s landscape, where comprehensive security and diverse application ecosystems are crucial, our approach stands out. While large, monolithic SaaS platforms enhance security across various layers, Okta uniquely emphasises identity isolation as a standalone, neutral platform. This versatility spans across technologies, applications, and devices, ensuring broad compatibility and robust security measures.”
In that vein, he said businesses should ask themselves if they have the right delineation between the applications that they’re using and their ability to secure and govern those applications.
“There may be commercial advantages to bundling products from one provider, but the ability to isolate identity as a key technology pillar, as a standalone, neutral platform that works across any kind of technology, any kind of application, any kind of device is going to be incredibly important in the future. Organisations with this mindset are leading the way.”
Future Play
Looking ahead, both Pickering and Goldie see emerging technologies like biometric authentication and behavioural analytics playing a crucial role in identity management.
“Technologies like pass keys and biometrics are gaining adoption and offer more secure and user-friendly authentication methods,” Goldie said. These advancements are expected to further enhance the security and efficiency of identity management systems.
The AFL’s adoption of Okta solutions marks a significant step in improving both security and user experience, setting a benchmark for other organisations facing similar challenges.
For more insights into the AFL’s digital transformation journey, listen to the full podcast with Rob Pickering and Phil Goldie here.