security

As I discussed in my previous post, Okta’s Risk-Based Authentication feature helps organizations overcome the challenges of balancing security with usability. You may have heard a lot about Risk-based Authentication over the past couple of months, and now that Risk-Based Authentication is Generally Available, I want to give an updated overview of…

Most of us are now familiar with the term “Zero Trust”, seeing it emblazoned on many a booth and bus at security conferences throughout the year. The term has certainly reached buzzword status, and with good reason: today, security leaders recognize more than ever the need to move away from a perimeter-oriented approach to security. But putting a…

Corporate data is a popular target for hackers, with over 9,600 breaches recorded between 2008-2019 in the U.S. alone. Not only are attacks growing in volume, but also in sophistication: A study by the Identity Theft Resource Center (ITRC) indicates that account takeovers increased by 79% between 2017 and 2018. Devastating attacks like these can…

Modern organizations are adopting new technologies more rapidly than ever before, and their increasingly mobile workforces — which include not only employees, but external contractors and partners — have expanded far beyond office walls. Today’s organizations face progressively complex security challenges, and must maintain a posture that offers…

When implementing security policies across an organization, most administrators want to adhere to industry best practices. But that’s not as easy as it may seem: the threat landscape isn’t static — it’s changing day by day. What were once considered the best practices for security configurations, including password policies and MFA requirements,…

Let’s face it: we’re all tired of passwords. They’re a major pain for users and not nearly as effective at securing accounts as they pretend to be. Thankfully, there is a better way! We are excited to announce a new set of passwordless capabilities in Okta that will allow you to deliver seamless auth experiences to all users! In this post, we’ll…

As the ever-shifting security and threat landscape continues to evolve, it can be tough to distinguish security fact from fiction. Some common data breach misconceptions can seriously misinform your organization’s security strategy. In this post, we’ll touch on three of the most common data breach myths, and share some information on why they don…

Passwordless authentication is an emerging authentication method that has been gaining traction as of late. In this post, we’ll explore what passwordless authentication is, the usability and security challenges that passwords present, and the benefits of passwordless authentication. What is passwordless authentication? At a basic level,…

Today consumer-facing service providers have a stark choice—to offer robust security or an easy user experience. But for many organizations, missing the mark on either of these elements can seriously damage their user engagement and retention rates—and by extension, their bottom line. To address this, we have now made Risk-Based Authentication…

Every day, we engage with an ever-growing number of applications and digital services—and each of them wants to know (and validate) that we are who we say we are. As companies try to combat the prevalence of large-scale data breaches, the adage ‘on the internet, nobody knows you’re a dog’ is losing its validity. In fact, it’s getting more and more…