Compliance

Put simply, personal data is information that relates to 1. an identified or identifiable person or 2. an identified or identifiable legal entity (where such information is protected similarly as personal data under applicable data protection laws and regulations). While regulations use different terms with slightly varying definitions, “personal…

At Okta, trust and transparency are core to who we are as a company. These values critically inform the way we view our responsibilities to our customers and to the personal data of their users that they entrust to Okta. The keystone of our transparency is providing our customers with a clear understanding of how we collect, process, and secure…

Okta is the identity company that stands for trust. We consider the security and privacy of our customers’ data as foundational elements of our business. Today, we’re updating our customers about their transfers of EU individuals’ personal data to Okta’s service, in light of the July 16, 2020 decision of the Court of Justice of the European Union …

Welcome to our Founders in Focus series, where each month we highlight one of the founders of Okta Ventures’ portfolio companies. You’ll learn more about them and how they work with Okta. This month, we’re getting to know DataGrail, and their mission around privacy compliance. What is DataGrail and what is your mission? DataGrail aims to make…

  For our second edition of The Production Line, we’re going back to the future with Automations. Introduced in February of 2019, this Early Availability (EA) feature is currently the most popular EA selection since we added self-enablement options for super admins, so let’s dig in! What are Automations? The Automations feature impacts three areas…

At Okta, we run compliance differently. Most organizations place compliance under either the legal or finance team, who don’t work with their security team to ensure those controls are implemented effectively. At Okta, we use security to drive compliance. Compliance is complex and regulations are a moving target, with GDPR and other privacy…

With the proliferation of massive security breaches like Panera Bread and many others in 2018, new data privacy regulations like the GDPR are being enforced to protect individuals’ personal data. As awareness of these breaches rises, loss of individual trust is tied directly to customer sentiment, which, in turn, impacts revenue. In this post, we…

Beginning on May 25, 2018, the General Data Protection Regulation (GDPR) became officially enforceable. This new regulation is now top of mind for any organization storing and processing EU citizen data. Consumer-facing apps and sites are of particular sensitivity. The challenge is that while the GDPR provides guidelines for compliance, it is not…

Online data privacy has always been a controversial topic. The fact that users store data with third parties has demanded increased transparency on how these platforms actually store and process personal data. Data breaches resulting in compromised personal information have added fuel to the fire, proving that privacy concerns are warranted. These…

The job of a CISO is a tough one. Adaptability is key in a field where change is the only real constant, as new laws, evolving regulations, and increasingly complex security threats challenge even the most seasoned executive. While many of the regulations that CISOs deal with are industry specific, the approach to compliance (ensuring teams have…