Author Archives: David Baker

I recently kicked off a blog series about the importance of securing Layer 7, otherwise known as the application layer in the OSI model. It’s a critical part of Okta’s security program because Layer 7 is closest to our users, … Continue reading →

Building and maintaining Okta’s security program is an interesting job, to say the least. The stakes are high: Not only is identity management core to IT, it is central to an enterprise’s security. Plus, Okta delivers IDM from the cloud, … Continue reading →

“What’s your disaster recovery plan?” It’s a question I’ve been getting from customers quite a bit lately. And it caught me off guard the first time I heard it. Typically, inquiries on disaster recovery come from someone on an audit … Continue reading →

The New York Times recently ran an interesting profile of Peter Neumann, one of the preeminent computer scientists in the world. The story, “Killing the Computer to Save it,” details Neumann’s ideas for how to solve the inherent security vulnerabilities … Continue reading →

Last week, Ars Technica’s Dan Goodin published a story detailing how downloaded Android applications have the potential to expose the sensitive personal data of more than 185 million users.  Vulnerabilities due to inadequate or incorrect use of SSL/TLS protocol libraries … Continue reading →

During the past few weeks, I’ve written about what it takes to build a cloud service that’s ready for the enterprise. Essentially, there are three characteristics that set true enterprise cloud services apart from their consumer counterparts: Security. Reliability. Trust. … Continue reading →

Verification has been making the news lately. Earlier this month, Box announced that it was adding a two-step login verification, just weeks after Dropbox added two-step verification. And it was Wired journalist Mat Honan’s devastating personal identity hack in August … Continue reading →

Last week, I posted the fourth installment in a six-part blog series about what it takes to have an enterprise-ready cloud service and the three characteristics (security, reliability and trust) that differentiate an enterprise cloud service from a typical consumer … Continue reading →

I recently released the first, second and third installments of a six-part blog series about what it takes to have an enterprise-ready cloud service, and the three characteristics that differentiate an enterprise-grade cloud service from a typical consumer service: security, … Continue reading →

I recently released the first and second installments of a six-part blog series about what it takes to have an enterprise-ready cloud service. While the identity hack of Wired’s Mat Honan (and the media fallout that followed) spurred the idea, … Continue reading →