security

Building and maintaining Okta’s security program is an interesting job, to say the least. The stakes are high: Not only is identity management core to IT, it is central to an enterprise’s security. Plus, Okta delivers IDM from the cloud, so between mobile devices, third-party partners and the inherent security concerns associated with user habits,…

The New York Times recently ran an interesting profile of Peter Neumann, one of the preeminent computer scientists in the world. The story, “Killing the Computer to Save it,” details Neumann’s ideas for how to solve the inherent security vulnerabilities in computer systems that have been repeated again and again for the past 50+ years. Neumann’s…

Last week, Ars Technica’s Dan Goodin published a story detailing how downloaded Android applications have the potential to expose the sensitive personal data of more than 185 million users. Vulnerabilities due to inadequate or incorrect use of SSL/TLS protocol libraries expose everything from online banking and social networking credentials to e…

During the past few weeks, I’ve written about what it takes to build a cloud service that’s ready for the enterprise. Essentially, there are three characteristics that set true enterprise cloud services apart from their consumer counterparts: Security. Reliability. Trust. When evaluating an enterprise cloud service for those characteristics, there…

Verification has been making the news lately. Earlier this month, Box announced that it was adding a two-step login verification, just weeks after Dropbox added two-step verification. And it was Wired journalist Mat Honan’s devastating personal identity hack in August that inspired my blog series on what it takes to build secure cloud services for…

Last week, I posted the fourth installment in a six-part blog series about what it takes to have an enterprise-ready cloud service and the three characteristics (security, reliability and trust) that differentiate an enterprise cloud service from a typical consumer cloud service. In this series, I’ve discussed five aspects to look at when…

I recently released the first and second installments of a six-part blog series about what it takes to have an enterprise-ready cloud service. While the identity hack of Wired’s Mat Honan (and the media fallout that followed) spurred the idea, the focus is on the three characteristics that differentiate an enterprise-grade cloud service from a…

Last Tuesday I released part 1 of a series of blog posts that discuss what it takes to have an enterprise-ready cloud service. (As a quick refresher, the idea of defining the enterprise cloud was spurred after the media fall-out from the identity hack of Wired’s Mat Honan.) In the post, I identified the three broad characteristics that…

Today we announced some exciting market momentum – in a July report, Forrester Research, Inc. named Okta a cloud identity and access management (IAM) leader. The report – “The Forrester Wave: Enterprise Cloud Identity and Access Management, Q3 2012” – is a close examination of the top most significant cloud IAM providers, measuring each against a…

If one of your many usernames and passwords hasn’t been hacked lately, consider yourself lucky. Just this week, two more companies — Yahoo and the social question-and-answer site Formspring — announced major security breaches. The New York Times reported that 450,000 Yahoo accounts were comprised and according to CNET, Formspring had more than 420…