Gartner Recognises Okta as an Identity Leader — 7 Years in a Row

Last week, Okta was named as a Leader in Gartner’s fourth edition of its Magic Quadrant for Access Management report. We are the only vendor that has consistently been a Leader since the inception of Gartner’s evaluation of the identity space — starting with the first Identity as a Service (IDaaS) Magic Quadrant seven years ago.  Over the years,…

What Is SMS Authentication and Is It Secure?

SMS authentication—also known as SMS-based two-factor authentication (2FA) and SMS one-time password (OTP)—allows users to verify their identities with a code that is sent to them via text message. A form of two-factor authentication, it often acts as a second verifier for users to gain access to a network, system, or application, and is a good…

What is Zero Trust Security?

Zero Trust is a security framework based on the belief that every user, device, and IP address accessing a resource is a threat until proven otherwise. Under the concept of “never trust, always verify,” it requires that security teams implement strict access controls and verify anything that tries to connect to an enterprise’s network. Coined in…

10 Tips for Breaking Down the Complexities of Audits & Compliance

In our previous posts for this 5-part series on lifecycle management, we offered various best practices you could implement to better manage identity data, lifecycle processes, and access grants. Today, we’ll review the identity-related challenges surrounding audits and compliance, and offer ten ways to gradually chip away at the complexities of…

What Is an API?

API is an acronym that stands for “application programming interface,” and it allows apps to send information between each other. While there are numerous protocols and technologies involved, the underlying purpose of APIs is always the same: to let one piece of software communicate with another.  APIs (sometimes described as web services) work in…

What Is Attribute-Based Access Control (ABAC)?

Attribute-based access control (ABAC) is an authorisation model that evaluates attributes (or characteristics), rather than roles, to determine access. The purpose of ABAC is to protect objects such as data, network devices, and IT resources from unauthorised users and actions—those that don’t have “approved” characteristics as defined by an…

Magic Links: Passwordless Login for Your Users

Magic links are a form of passwordless login. Instead of the user entering any login credentials to sign in, they are sent a URL with an embedded token via email, and sometimes via SMS. Once the user clicks that link to authenticate, they are redirected back to the application or system having successfully signed in—as if they used a “magic”…

5 Reasons You Want an Out-of-the-Box Identity Service

Whether you’re building a new app or migrating a legacy app to the cloud, you face a choice: build everything in-house or selectively use out-of-the-box services to make the job easier and faster. Out-of-the-box services like Twilio, for messaging, and Braintree, for payments, have gained popularity because they help lean dev teams remain agile…

Archive

Follow Us
Share on Linkedin Share on Youtube