Archives

Energy management is a hot topic (sometimes literally.) One of our customers, EnerNOC, is playing an industry-changing role in the energy management space by offering technology-enabled solutions to commercial, institutional and industrial organizations. In addition to providing demand response solutions, the company also offers energy consulting to businesses looking to use energy more intelligently. Gerry Wilson, EnerNOC’s CIO, recently sat down with Okta to discuss our role in helping the energy management solution provider move to the cloud and successfully integrate its IT organization while doing so.

“The move to the cloud has changed the way we’ve viewed identity and access management to some extent,” Gerry said. “While the challenge remains the same whether the applications are on premise or in the cloud, it becomes more difficult when you’re dealing with cloud-based identifications to both manage those identifications and reset those passwords. If it’s not something you’re doing on your own premise, you’ve got to work through your third party providers and applications to get that done.”

According to Gerry, the decision to chose Okta was simple. He and the EnerNOC team selected Okta after evaluating several identity providers because we provided an easier solution to EnerNOC’s existing manual process and our features, functionality and ease-of-use beat out those of the other products on the market.

“We’re very happy with the selection we made,” Gerry said. “The account team engagement has been great, and we look forward to continuing to work and take advantage of the new features that we expect the folks at Okta to continue to rollout and deploy.”

To hear our full interview with Gerry, watch EnerNOC’s customer testimonial video below or on our website.

Looks cool, right? Well, it was no easy task. A lot went into building Okta Mobile for iOS. I’d have to write a multi-page article to cover all of the aspects involved in building a mobile app, so let’s instead focus on the most interesting aspects of Okta Mobile. There are three key elements:

• Multi tab browser
• SSO wrapper
• Security

In addition to these key elements, I’ll also address memory management and the methods we used to get customer feedback during the development process.

Multi-Tab Browser

The Okta Mobile app is essentially a multi-tab browser wrapped with Okta’s single sign-on (SSO) technology to simplify the login process for users. SSO and security are the core distinctions, but it is also equally important to develop an app browser that is as close as possible to a main grade browse. It was clear to us that SSO without the convenience of a multi-tab browser wouldn’t achieve successful adoption among our users. So, we set out to build a cool, performant multi-tab browser.

One of the most difficult parts of building a multi-tab browser is implementing a tab bar. There aren’t any standard iOS controls or popular open source browser tabs available to use ‘as is.’ UX is a priority at Okta, so we invested time and energy to implement our own tab bar.

Caching is another important consideration. NSURLCache with too much in-memory cache will result in frequent low memory warnings, while too little cache will result in a slower browsing experience for the user. The cache size must be balanced well for an optimal browsing experience.

Single Sign-On (SSO)

On the Web, Okta supports several SSO methods, including SAML and form-based authentication. These methods can be categorized in two ways: those that require a plugin execution on the client side (form authentication) and those that require server-based methods (SAML). We solved form-based authentication by developing Okta browser plugins, which reside in the client browser, to detect login pages and to complete SSO for the user. Okta provides different plugins for all major browsers (Chrome, Firefox, Safari and Internet Explorer).

Apple iOS does not provide plugin support in its Safari browser, ruling out a plugin-based approach for form-based authentication. We decided to build the Okta mobile app to handle SSO in mobile. How’d we do it?

Okta has already solved SSO for desktop browsers, so we used existing code to build mobile SSO. Okta Mobile leverages the existing SSO architecture to handle mobile SSO with minimal co-ordination code. For example, the mobile app does SSO for server-based authentication methods such as SAML by completely delegating it to the Okta server. The app simply makes a request to the server, which responds with a SAML-authenticated session. The Okta mobile app re-uses code written for browser plugins to handle SSO for form-based authentication.

Security

The Okta Mobile app is built on top of the Okta API and, interestingly, is the first major client for our API.  Every communication between the app and the Okta server is session authenticated. User identities are established through a login process and are re-established through a PIN challenge when users return to the app after a predefined timeout period.

By design, every SSO attempt in the app starts with a check to the Okta server, which validates session authenticity and then redirects the SSO request to the login web page. At the end of this redirection, the SSO engine in the mobile app takes over and completes sign on. It’s not possible for the app to handle SSO if the session is revoked on the server side because every SSO attempt is preceded by a check on the server side. This model is highly useful when a user’s device is lost, for example, because it’s only necessary to revoke the session on the server side. All subsequent SSO requests will be denied during the server check. A denial response from the server locks out the user from the app.

Memory Management

Have you ever wondered why mobile browsers refresh the page when you switch tabs? Or why there’s a limit on the number of tabs in your mobile browser? I too was frustrated until I realized why these non-user-friendly features are necessary in mobile browsers. The reason is quite simple. There isn’t enough memory assigned to your app to keep DOM structures for so many tabs. The iOS environment gives low memory warning to the app when resources are tight, and the app must heed these warnings. If a recovery action isn’t taken, the OS will kill the app.

Engage With Customers Early

Making our customers happy is core to our company. We have great customers that are always willing to be involved in the development cycle, and they provide us with valuable feedback. Okta Mobile is no exception.

We used private, ad-hoc distribution channels to give our customers beta releases of Okta Mobile. We assigned a point of contact on Okta’s side who collected valuable feedback from customers and channeled it back to the product and development teams. At Okta, development is an iterative process with our customers, which we repeated frequently before reaching the final version of Okta Mobile.

Today we announced that Okta’s on fire. Well, not exactly, but we did announce a more than 500 percent year-over-year increase to our customer count and significant adoption of our free Okta Cloud Connect product (formerly called Okta Directory Integration Edition). In the past twelve months, we added a few customers you might recognize, from your laundry detergent and cleaning supply brand to your favorite fast food fried chicken and your window to the world. That’s right: Clorox, Popeye’s Chicken and National Geographic are now among our more than 300 enterprise customers.

Another new customer that’s particularly exciting for us is London Gatwick Airport, the United Kingdom’s second largest international airport. Gatwick employs more than 27,000 staff members and contractors and saw more than 34.2 million passengers pass through its terminals in 2012. It recently chose Okta to be its core platform for identity and access management.

When Gatwick started adopting new cloud services like Box, ServiceNow and Yammer and instated a BYOD mobility policy, CIO Michael Ibbitson realized that identity management would be essential to their long-term IT strategy. They turned to Okta to handle the complex technical and security IT requirements and haven’t looked back.

“Gatwick Airport never shuts down, and we expect the same from our partners – especially for critical infrastructure such as identity,” Michael explains, “Okta proved that it has an enterprise-grade service that could meet our specific technical, operational and security requirements.”

We’re thrilled Michael and his team put their trust in us. Hundreds of others have as well, adopting our free Okta Cloud Connect product to seamlessly integrate their enterprise cloud apps like Box, Workday, salesforce.com and Google Apps to Active Directory.

As Whitney Bouck, General Manager of Enterprise at Box, explains, “Okta Cloud Connect helps our joint customers easily access Box securely and at scale, from any device or location, with the assurance that a person’s identity is thoroughly authenticated.”

We’re thrilled to welcome Gatwick and our Okta Cloud Connect adopters to the Okta family. Identity is becoming indispensible to how enterprises operate as increased cloud and mobile adoption push businesses further beyond the firewall, and we’ll keep the modern IT fire burning for Gatwick and our 300+ customers.

Lithium Technologies provides and enables some of the world’s leading brands with social customer experience. Misha Logvinov, Lithium’s chief customer officer, recently spoke with us on what drove Lithium to invest in an identity and access management solution, and more specifically, Okta. To hear our full interview with Misha, watch Lithium’s customer testimonial video below or on our website.

What caused you to seek out an identity and access management solution?

Prior to selecting Okta, we had no solution to manage our employees’ identities centrally. This presented a number of challenges both for our employees as well as for our IT organization. It limited adoption of our cloud tools and created significant overhead for our IT organization because people kept forgetting their passwords and sometimes would set insecure passwords. There was no real central way for monitoring and reporting on that.

So, why Okta?

One of the main reasons why we selected Okta of course is because it’s a cloud company. Lithium is a cloud company, and we’re shifting our IT services to the cloud. For us, having a partner that’s dedicated to the cloud was very important. The second criterion was usability. And we went through extensive evaluations of Okta, both within our IT organization, as well as with an extended pilot group. The results were very encouraging, which lead to us selecting Okta. We also looked to the company’s stability and maturity because this is a critical service and business application for us; we needed to make sure that Okta could scale with us and could support our extended needs.

And have results been positive?

Since implementation early last year, we’ve seen a very positive response from our user base; people started raving about how much time it’s saving them and how effective it is for them on a daily basis. After working with Okta for a little bit over a year, I’m really excited to see that our value system closely aligns with Okta’s value system. From taking customer success personally and really caring about customer success to acting and speaking with authenticity to ultimately building products that we are proud of, I feel like Okta is very much aligned with that.

We recently hosted a CIO panel with four IT leaders to discuss the evolving role of IT amid the pressures of mobile and cloud adoption in business today. Ralph Loura (CIO, Clorox), Dan Willey (CIO, Wilbur-Ellis), Evan Trent (SVP, School of Rock) and Carl Eberling (CIO, Encore Capital) represented an eclectic mix with backgrounds in consumer goods, agriculture, education and financial services. This unique mix made for a great discussion about the evolution and future of CIOs and IT.

Our CEO and panel moderator, Todd McKinnon, kicked things off by bringing up the notion that every company is now a technology company as mobile, cloud and other technologies seep into all aspects of business. Ralph and Evan both spoke about how Clorox and School of Rock use mobile as a core strategy to connect with consumers. Clorox, for example, repurposed almost all of its sites to be mobile friendly and launched five mobile applications, using technology to build a loyal fanbase. Evan, meanwhile, discussed how technology allows the music school with 100+ franchises worldwide to compete strategically and manage a dispersed IT. The company now sits 100 percent in the cloud and delivers programming from internal mobile apps to its students.

The conversation naturally turned to the CIO’s (and IT’s) evolving role within business. “We’ve been told the CIO role or IT is dead,” Ralph said, adding that IT’s role has transitioned from integration to marrying cloud and on-premises solutions in a way that solves today’s business problems. He joked that IT’s role is now “anthropological,” as The Wall Street Journal’s Rachael King noted from the panel.

Wilbur-Ellis CIO Dan Willey spoke about how in-house IT should focus on understanding the needs of the organization in context. “In the old days, you could be a technical professional and it didn’t matter what your company did,” he said. “But understanding what technology can do and how it can help your business is the biggest part of the [CIO] role.” He added that third-party services like Okta are needed to enable IT to focus on this new role. Carl, who has transformed IT at Encore Capital through cloud and other technologies, agreed. “You have to embed people who understand the heart of what is needed and are constantly challenging what is necessary,” Carl said.

Overall, it was a great discussion about the evolving role of IT as massive changes — and opportunities — affect business from nearly every industry. One thing’s certain: IT is more relevant than ever. Thanks again to our great panelists for participating!

You might not know this, but we’ve got some pretty fascinating people working behind the scenes at Okta. We sat down with one of them – senior UX designer Brian Hansen – to discover what’s in the company’s special sauce, discussing what he does day-to-day, why he chose Okta and what drives him to come to work every morning (and no, we don’t mean MUNI).

If you like what you read and think you might have what it takes to join our growing team, we want to meet you. Check out our Careers Page for available positions.

What is your current position and role at Okta?

Brian Hansen, Senior User Experience Designer at Okta

I’m one of two user experience designers at Okta. To explain my job in the simplest terms, I’m responsible for designing, and to some extent implementing, the user interface of Okta’s product. I was hired on as the sixth employee and have been with the company for almost four years. (Quite frankly, that’s rare for an enterprise to hire a UX designer so early on!)

Was Okta’s decision to hire a UX designer so early on important to you?

It’s one of those things you take for granted – because as a designer, you not only assume what you’re doing is important, but that others recognize the value and purpose of a great user experience in any given enterprise product. The fact that [co-founder and CEO] Todd McKinnon brought me on so early shows that he’s committed to user experience and values it. And as a designer, that obviously means a lot to me.

Creating a wonderful user experience is one of the challenges Okta – and many other enterprise ‘cool kids’ – face since historically the enterprise space hasn’t been easy-to-use. That’s something that motivates me.

The cloud has not only lowered the cost of ownership and accelerated implementation times for businesses, but it’s also put more attention on UX. It’s almost effortless for companies to switch between services these days, which just wasn’t the case with on-premise software even five years ago. This is why it’s incredibly important for users to love a product and adopt it, and Okta recognized that early on.

What first attracted you to Okta?

I actually got to Okta before it was even called Okta. It was called SaaSure. (And thankfully that didn’t stick. It sounded too much like a hair product rather than an enterprise software company!)

Looking back, having Todd at the helm was a major influence. He was a mentor for my boss when he was at PeopleSoft and was respected by people who mentored me, so I saw joining the Okta team as an opportunity to work with him. Then I realized during my interview with Todd and [his co-founder and Okta COO] Freddy Kerrest that these guys were winners and I would learn a ton from working alongside them. The decision was simple.

What is the best part about working at Okta?

It’s definitely the people. Okta has assembled the most talented team I’ve ever been around and the opportunity to work with extremely smart, hardworking people that make you better everyday is one of the most important things I can ask for in my career. If you’re not working with great people, you’re wasting your time — plain and simple.

What is the first thing you do when you get into the office?

I start my mornings before getting into the office by checking emails and other non-design related tasks. (Emails can be really distracting, so I try to get that out of the way.) The other reason I do this is that I hate long commutes. I’ve found that leaving my house (in Oakland) around 9:30am gives me a better chance at dodging the Bay Bridge traffic, and I can get to the office in a very tolerable 25-minutes. I also mix BART in when I have to get in early or it’s clear the bridge is a parking lot.

When I get to the office, I slap on my headphones to get in a good flow and start to design and build. If I’m designing it could be anything from a quick sketch to help an engineer get unblocked to a hi-fidelity Photoshop mockup for a brand new feature. There are many degrees in between as well, part of what makes my job so fun. I also enjoy front-end development so I will prototype new UI patterns in HTML/CSS/Javascript as well as help the engineers implement UIs. If you have the passion and the skills, even if it’s not expected for your role, you can do just about anything you want at Okta.

Do you have a favorite memory from working at Okta?

This is a tough one. To point out one single memory doesn’t do justice to the experience. I see being part of Okta like running a marathon. We’re solving a big problem and building a long-lasting company, and to do so successfully takes time.

If I had to pick one though, it would be when we hired our second designer, Shawn Gupta. That was a huge moment — having another peer that I’m able to bounce ideas off of, someone who is super talented and inspires me — it gives me a ton of confidence knowing he’s my teammate. We have a great rapport that allows us to push each other to create something better than we would alone. There is a kind of multiplier effect that occurs when we work together and that’s when you know you made a great hire.

What stands out about Okta compared to other companies?

The combination of talent, opportunity and momentum is special. I’ve never been part of something that I strongly believe has the potential to impact the market in a big way. There’s a huge opportunity here. I’ve worked with some great people in previous jobs, but the concentration of talent here at Okta is unmatched.

We recently had the pleasure of catching up with Welles Hatch, City Year’s CIO, to learn what Okta’s doing to help this not-for-profit organization challenge the educational status quo. If you’re not familiar, City Year provides AmeriCorps corps members on teams to work as mentors, coaches and tutors in schools across the country to get kids at risk of dropping out of school back on track to graduate.

One of Okta’s major benefits, according to Welles, is increased mobility, which is critical for City Year’s service model since the company’s corps members often don’t have offices to work from within the schools.

“We’re enabling a BYOD environment,” Welles explains. “So the administrative challenges around letting anyone show up with any appliance and having a purely web-based authentication environment as a means of maintaining security is prominent on the roadmap, and we’re comfortable that Okta’s going to enable that.”

This year, City Year recruited 2,500 corps members, and Okta increases mobility for these users across multiple devices, making their jobs easier and more productive. “What we really love about Okta is that it’s completely invisible to the user,” said Welles. “We have a seamless way to go from our homepage directly to any of the applications on a pre-provision basis. Okta was really foundational to being able to execute on a cloud strategy.”

To hear our full interview with Welles, watch City Year’s customer testimonial video below or on our website.

In a recent article in AllThingsD, Okta CEO Todd McKinnon, explains why the pace of change is so often misunderstood in enterprise software — and the implications that has for CEOs setting company strategy and VCs investing in new technologies.

There are massive changes taking place in the enterprise, but legacy software is still a reality for most organizations — and it will be for years to come — because of three main reasons: product cycle, adoption time and entrenchment. Head over to AllThingsD to read the full article.

In Silicon Valley, and high technology in general, there’s a common narrative about how the new disrupts the old, and the old subsequently dies. It’s a compelling narrative, especially in an industry such as technology where fortunes are made in the name of innovation — but it’s important to separate the signal from the noise. That narrative is applied too often and too broadly, leading to faulty company strategies and poor investments.

According to “new replaces old” assumptions, the mainframe computer would be long deceased. We all know that’s not the case. I recently met with the CIO of a large, well-known insurance company, who said that for 20 years the company has tried to reduce its reliance on mainframes. The problem is that the company runs several complex processes and algorithms, built by people who have since retired, on those systems. Everybody knows that they work, but nobody really knows how they work, which is why they’re still around two decades later.

Shocking as it may seem, enterprise software giant BMC’s mainframe software revenue is on the rise, thanks largely to scenarios such as the one my friend at the insurance company is dealing with. And remember Lotus Notes? According to the Wall Street Journal, it’s still a $1 billion business, too rooted for large companies to walk away from, and too large for IBM to ignore as it expands into cloud and social software.

To read the rest of the article, visit AllThingsD.

Guest post by Nathan McBride, vice president, IT at AMAG Pharmaceuticals

It’s funny to think that just three years ago I gave a presentation to a large consulting firm on what they might encounter in enterprise IT in the next few years called “What is the Cloud?” Since then I have had the unique experience of being able to speak at conferences and gatherings across the country, but you won’t hear me giving that introductory “What is the Cloud?” talk anymore.

Based on the requests for types of presentations that I’ve received recently, it’s obvious that more and more companies have gotten past the “wet feet” stage of moving to the cloud and are now looking for strategies and information about the next steps in embracing a cloud service model within the enterprise.

To kick off my 2013, I’ll be speaking at Bio-IT World in Boston on Wednesday, April 10 at 11:00 am ET about several topics in a session titled “Pharma Disruptors: A Real-World Look Into How Cloud Computing Can Impact Your Business”. In the presentation, I’ll cover how my company, AMAG Pharmaceuticals, and our IT team of just four moved our department to the cloud by:

• Eliminating Active Directory from our environment;
• Embracing the external SSO model with Okta (which we now use as our primary source of authentication);
• Replacing our data center with Google Apps;
• And many of the other technological changes we have implemented over the past three years.

More importantly, I will explain why we did this, which always seems to be the first question asked.

Disruptive technologies are fast becoming the norm and AMAG practices the disruptive model in all aspects of what we do. The ultimate goal for us — give employees the best tools to do the best work from anywhere at any time — is something we strive towards constantly.

In addition to Bio-IT, this year I’ll also be speaking at Life Science Enterprise & IT Cloud Computing Forum (Phoenix, April 25-26), CITE Conference + Expo (San Francisco, June 2-4), Cloud Expo East (New York, June 10-13) and others. In each talk, I’ll be revisiting this theme as both our model, and the industry, continues to evolve.

Hope to see you at Bio-IT World!

Big changes are affecting the enterprise as increased cloud and mobile adoption pushes businesses further beyond the firewall — and IT is right in the middle.

That’s why we’ve gathered senior IT leaders from Ralph Loura (CIO, Clorox), Carl Eberling (CIO, Encore Capital), Evan Trent (SVP, School of Rock) and Dan Willey (CIO, Wilbur-Ellis) for an intimate panel discussion with Okta CEO Todd McKinnon about how IT is responding to the massive changes across the modern enterprise.

Companies from education to financial services are using cloud and mobile technologies to enable employees, partners and customers to get work done. The cloud’s gone mainstream — from cornfields to classrooms, literally — and, in the process, has transformed the role and reputation of IT.

Join us on Monday, April 8 at Okta HQ in San Francisco to be part of the discussion. The doors open at 6pm, and there will be plenty of food, drinks and time to socialize before and after the panel at 6:30pm. (Plus, potentially some sweet Okta swag.)

For more information and to register, please visit: http://www2.okta.com/sfpanel