security

Not too long ago, most—if not all—business operations were conducted on premises, behind the safety of a firewall, and on devices managed by the company. Though it may not have seemed like it back then, those were simpler times. Today, it’s common for modern enterprises to work with a variety of users from outside the network. These users are…

At Okta, we run compliance differently. Most organizations place compliance under either the legal or finance team, who don’t work with their security team to ensure those controls are implemented effectively. At Okta, we use security to drive compliance. Compliance is complex and regulations are a moving target, with GDPR and other privacy…

You’ve probably heard about APIs and the API economy, and how they’re changing the way that applications are built. Companies like Uber and Airbnb that utilize 3rd party APIs extensively throughout their products have achieved a world class customer experience while being able to scale considerably fast. Focus on your strengths At the practical…

After 15 years of experience leading product development for some of the largest companies in the world, I’m excited to share that I’ve recently joined Okta as their Chief Product Officer. Identity continues to play an increasingly important role in our modern digital lives, and I’m thrilled to lead Okta’s product innovation as we work to enable a…

In today’s tech landscape, the importance of securing user logins has become a no-brainer. We’re constantly seeing reports of data breaches as a result of identity attacks, and we know those threat actors aren’t going anywhere. According to the 2018 Verizon Data Breach Investigation Report, stolen credentials are still the #1 culprit in confirmed…

From Okta’s position at the “front door” of many organizations, we tend to see a significant number of authentication-related cyber attacks. This presents a real risk to organizations, especially when exacerbated by poor password habits. As we detailed in our 2019 Businesses at Work report, 40% of survey respondents reported using only 2-4…

IT and security teams want to protect sensitive data and systems from online threats to preserve both the bottom line and their organization’s reputation. This means securing access to cloud and on-prem infrastructure. But legacy techniques have largely failed users and IT administrators in this regard—it’s time for a modern approach. Why have…

In March 2019, the World Wide Web Consortium (W3C) announced that WebAuthn is now the official web standard for password-free login. With support from a broad set of applications (Microsoft Edge, Chrome, Firefox, Mobile), widespread adoption of WebAuthn is expected in coming years. In previous blog posts we went through how WebAuthn can benefit…

Whether you’re a clothing company integrating with an online shopping platform, a kitchen appliance manufacturer offering smart interfaces, or a nutritional supplement provider releasing a health app, these days every company is a technology company. In this new business landscape, innovation goes hand-in-hand with collaboration, as more and more…

2018 witnessed a slew of cyber attacks affecting enterprises like Whole Foods, Macy’s, Uber, Facebook, Google+, Under Armour, and many more. According to the Ponemon Institute's 2018 Cost of Data Breach report, the average total cost of data breaches rose from $3.62 million in 2017 to $3.86 million in 2018—an increase of 6.4%. The report also…