
No, definitely not full admin access. Just a support tool called “SuperUser”.

It was a customer service rep who could send password reset emails.

Systems listed were that app and SaaS offerings. The laptop was vendor owned and managed.

Given my experience, it probably had 0 access to anything “inside” Okta. There was no mention of vendor VPN or Virtual Desktop access. Or access to any internal system beyond what was a horribly named call center support tool.

They really wouldn’t have passed the necessary audits for their enterprise and government customer base if they allowed 3rd party devices “real” access.

Beyond a “hacker” getting access, there is very little trust in (likely) contract employees of a contract company.

The fact that the tool is named Super User is killing them more than anything here.


