security

Why I joined Okta as their Chief Product Officer

After 15 years of experience leading product development for some of the largest companies in the world, I’m excited to share that I’ve recently joined Okta as their Chief Product Officer. Identity continues to play an increasingly important role in our modern digital lives, and I’m thrilled to lead Okta’s product innovation as we work to enable a…

Prevent Large-Scale Identity Attacks with Okta ThreatInsight

In today’s tech landscape, the importance of securing user logins has become a no-brainer. We’re constantly seeing reports of data breaches as a result of identity attacks, and we know those threat actors aren’t going anywhere. According to the 2018 Verizon Data Breach Investigation Report, stolen credentials are still the #1 culprit in confirmed…

How Okta Protects You Against Identity Attacks

From Okta’s position at the “front door” of many organizations, we tend to see a significant number of authentication-related cyber attacks. This presents a real risk to organizations, especially when exacerbated by poor password habits. As we detailed in our 2019 Businesses at Work report, 40% of survey respondents reported using only 2-4…

Putting the 8 Principles of Infrastructure Access into Practice

IT and security teams want to protect sensitive data and systems from online threats to preserve both the bottom line and their organization’s reputation. This means securing access to cloud and on-prem infrastructure. But legacy techniques have largely failed users and IT administrators in this regard—it’s time for a modern approach. Why have…

The Ultimate guide to WebAuthn registration and auth flows

In March 2019, the World Wide Web Consortium (W3C) announced that WebAuthn is now the official web standard for password-free login. With support from a broad set of applications (Microsoft Edge, Chrome, Firefox, Mobile), widespread adoption of WebAuthn is expected in coming years. In previous blog posts we went through how WebAuthn can benefit…

The Case for Securing your B2B Connections

Whether you’re a clothing company integrating with an online shopping platform, a kitchen appliance manufacturer offering smart interfaces, or a nutritional supplement provider releasing a health app, these days every company is a technology company. In this new business landscape, innovation goes hand-in-hand with collaboration, as more and more…

Employee Security Training: The Basics

2018 witnessed a slew of cyber attacks affecting enterprises like Whole Foods, Macy’s, Uber, Facebook, Google+, Under Armour, and many more. According to the Ponemon Institute's 2018 Cost of Data Breach report, the average total cost of data breaches rose from $3.62 million in 2017 to $3.86 million in 2018—an increase of 6.4%. The report also…

OAuth: When Things Go Wrong

Picture this: you sign up for a new app, and it asks if any of your friends are using it. In order to find out, the app asks for your email address...and your password. While it seems ludicrous now, this was once considered a normal user flow. But many apps still need permissions from third-party programs. And if users can’t do this safely, they…

Embracing the Kanyes of Our Organization

Let’s talk about Kanye. You might remember that he was featured on international news when he entered his phone password on live TV. But the part that earned him national mockery was the password itself: 000000. It’s easy to laugh at the example he set, but, unfortunately, his attitude towards security is similar to many people today. And when…

A Path to Achieving Network Security ZEN

As new philosophies around network security arise alongside ongoing technological advances, forward-thinking companies are changing the way users interact with—and feel about—network security as part of their work day. People are the new perimeter Up until recently, network security relied upon a network perimeter—anything inside the perimeter…

Archive