In an interaction with CIOTechOutlook, Ajay Advani, VP, APJ Channel & Strategic Alliances at Okta, has shared his views and thoughts on the main challenges companies face when adopting decentralized identity solutions as well as what steps organizations can take to protect against identity misuse and fragmentation. Ajay Advani is a seasoned business leader with over 20 years of experience in sales management, channel development, emerging markets, and legal affairs. As the Vice President of Channel and Strategic Alliances for the Asia Pacific and Japan (APJ) region at Okta, Ajay spearheads the growth of the company’s partner ecosystem, driving revenue through strategic collaborations, enablement programs, and deep partner engagement.

1. Digital transformation is impossible without secure and scalable identity management solutions. What is your view on the biggest gaps in current solutions, and how can organizations address them?

In my experience, one of the most significant challenges organizations face today is dealing with fragmented identity systems. Many companies operate with legacy infrastructures that are siloed and lack comprehensive visibility. This fragmentation not only complicates operations but also increases security risks and hinders agility, especially in hybrid environments or during mergers and acquisitions.

To overcome these challenges, it's essential for organizations to embrace a unified identity platform. Such a platform should seamlessly integrate with existing systems, leverage AI-driven insights, and provide detailed authorization controls. It's about ensuring protection at every stage of the user journey—before login with identity posture management, during access with adaptive multi-factor authentication, and after authentication with robust threat protection.

By adopting a converged identity approach, businesses can reduce technical complexities, accelerate their digital transformation efforts, and enhance their overall security posture. At Okta, we're committed to supporting our partners and clients in navigating this journey towards more secure and efficient identity management.

2. With the rise of decentralized identities, organizations must navigate a balance between centralization and privacy. What are the main challenges companies face when adopting decentralized identity solutions?

Decentralized identity is an exciting development in the digital identity space. It offers individuals greater control over their personal data and reduces the risks associated with centralized data storage. However, adopting this model isn't without its challenges.

One significant hurdle is the absence of universal standards. Without a common framework, ensuring interoperability across different systems becomes complex. Additionally, regulatory landscapes vary widely, making it difficult for organizations to navigate compliance when implementing decentralized identity solutions.

For decentralized identity to be successful on a larger scale, collaboration between the public and private sectors is vital. Establishing and adopting common standards will ensure that both businesses and individuals are protected as we transition to these new identity paradigms.

3. Identity fraud and credential theft continue to rise, causing significant financial and reputational damage to businesses. What innovative strategies can businesses adopt to combat identity fraud while maintaining user convenience?

Identity fraud has become more sophisticated, and traditional security measures like passwords and SMS-based one-time passwords are increasingly vulnerable. To effectively combat identity fraud without compromising user experience, organizations should adopt a layered, intelligence-driven approach.

Implementing risk-based authentication allows for real-time assessment of factors like user behavior, device reputation, and geolocation to determine when additional verification is necessary. Embracing advanced authentication methods such as biometric verification, passwordless authentication, and phishing-resistant multi-factor authentication (like FIDO2) enhances security while maintaining user convenience.

Proactive monitoring for compromised credentials, including those leaked on the dark web, and deploying AI to detect anomalies post-login are essential. Okta's Identity Threat Protection with AI continuously evaluates session risks and responds to threats in real-time, ensuring both security and a seamless user experience.

As organizations increasingly rely on AI agents, service accounts, and other non-human identities (NHIs), it's crucial to secure these entities effectively.

4. As digital identities become increasingly linked to IoT and AI ecosystems, what steps can organizations take to protect against identity misuse and fragmentation?

In today's digital landscape, identities extend beyond individuals to include devices, bots, and applications. Each of these entities holds access privileges, making them potential targets if not properly managed.

To safeguard against misuse and fragmentation, it's crucial to treat all identities with equal importance. Implementing privileged access management for sensitive systems, automating lifecycle management, and establishing fine-grained access controls are essential steps.

However, managing these aspects can be complex. That's where solutions like Okta's Identity Threat Protection with AI come into play. This tool continuously monitors user sessions, evaluating risks in real-time and responding to threats as they arise. Whether it's detecting anomalies in user behavior or identifying potential session hijacking attempts, it provides a proactive approach to identity security.

By integrating such solutions, organizations can ensure that their identity management keeps pace with the evolving digital landscape, maintaining both security and operational efficiency.

5. With the rise of data breaches and cyber threats, what steps have to be taken to enhance the security of identity systems while ensuring a seamless user experience?

Security and usability no longer have to be at odds. Modern identity solutions are designed to enhance both. To raise the security bar without compromising user experience, organizations should focus on:
 

• Passwordless authentication through biometrics or device-based tokens.
• Continuous authentication using behavioral biometrics and machine learning to assess trust dynamically.
• Unified identity platforms that eliminate redundancy, simplify access, and reduce complexity.
• Signal sharing across the cybersecurity ecosystem to detect and respond to threats holistically.
   

As we look to the future, the focus must be on delivering frictionless, context-aware identity experiences that empower both users and security teams.