2018 witnessed a slew of cyber attacks affecting enterprises like Whole Foods, Macy’s, Uber, Facebook, Google+, Under Armour, and many more. According to the Ponemon Institute's 2018 Cost of Data Breach report, the average total cost of data breaches rose from $3.62 million in 2017 to $3.86 million in 2018—an increase of 6.4%. The report also…

Picture this: you sign up for a new app, and it asks if any of your friends are using it. In order to find out, the app asks for your email address...and your password. While it seems ludicrous now, this was once considered a normal user flow. But many apps still need permissions from third-party programs. And if users can’t do this safely, they…

Let’s talk about Kanye. You might remember that he was featured on international news when he entered his phone password on live TV. But the part that earned him national mockery was the password itself: 000000. It’s easy to laugh at the example he set, but, unfortunately, his attitude towards security is similar to many people today. And when…

As a cloud-native company, our customers are counting on us to be globally accessible, have 100% reliable service, and maintain up-to-date security policies -- in other words, be always on. All of that depends on trust. And that trust starts with transparency. So with trust and transparency as our dual goals, we’re excited to announce two new…

As new philosophies around network security arise alongside ongoing technological advances, forward-thinking companies are changing the way users interact with—and feel about—network security as part of their work day. People are the new perimeter Up until recently, network security relied upon a network perimeter—anything inside the perimeter…

For those not familiar with FIDO2, it is an improved version of the FIDO standard – popularly known for the U2F USB tokens provided by Google and Yubico. Now that we've explored what Webauthn is and reviewed critical Webauthn building blocks and protocols, I’ll use this post to break down how you can leverage WebAuthn with FIDO2 to enhance both…

It’s Tax Day. A day of dread for some, an annual routine for others. Can you think of any other financially impactful space where a DIY vs professional choice is so widely debated? Sure, when you’re just starting out, you can do a lot of things on your own without too much damage. But as you grow and obtain new assets, you may want to hire…

In March 2019, the World Wide Web Consortium (W3C) announced that WebAuthn is now the official web standard for password-free login. With support from a broad set of applications (Microsoft Edge, Chrome, Firefox, Mobile), widespread adoption of WebAuthn is expected in coming years. In a previous blog post we went through some examples of how…

Recent history tells us that data migrations are fraught with potential risks. Whether your company is adopting new software, integrating a new operating system, or moving from a legacy system to the cloud, migrating data requires meticulous planning that covers all the bases. Skipping any of the processes, tools, and tests necessary for a…

Last week, we hosted our seventh-annual Oktane conference, back in our hometown of San Francisco. Each year, I kick things off with our Welcome Keynote where we share Okta’s vision and demonstrate our new products and functionality. While my contribution to the keynote happens in just an hour and a half on the mainstage, it takes months of work…