Keeping Your Data Safe At Home and Abroad: Okta Achieves ISO 27018

Chris Niggel
Senior Director, Compliance & Assurance

Imagine your typical weeknight: you come home for dinner, and maybe you check the mail, which is filled with unsolicited offers for new credit cards. While waiting for dinner to cook, you clear out the emails in your spam folder. And when you finally sit down to dinner with your family, the phone rings — surprise, surprise, it’s a telemarketer. The sale of personal data is a growing concern for U.S. businesses and consumers alike. As technology continues to outpace policy, individuals and organizations are left vulnerable to data sales from companies and cybercriminals.

While many companies are capitalizing on the current flexibility of the rules surrounding the sale of data, here at Okta we’re actively seeking compliance certifications to ensure our customers’ data is secure from both scammers and data marketing firms. To demonstrate our commitment to data protection, Okta has obtained ISO 27018 certification.

ISO 27018:2014 is a standard for protecting personally identifiable information in the cloud set forth by the International Standard Organization (ISO). In conjunction with our ISO 27001 certification, ISO 27018:2014 is unique to cloud companies handling private customer data. It includes parameters for how we manage data across the entire production environment, how we develop and release code, and how we respond to incidents and recovery in the event of a breach or glitches in a data center. As the emerging global standard for cloud data privacy, only a few organizations, including Microsoft and Google, have obtained ISO 27018:2014.

Security is of the utmost importance to our customers — who, whether they’re sharing data abroad or servicing international customers, are functioning as global companies — which is why we made it a priority to achieve international data compliance. By voluntarily raising our standards and seeking additional accreditations, we’re making it easier and safer for our customers to expand abroad and/or work with international companies without worrying about their data. Additionally, many of the data protections enforced by the ISO are not mandatory in the U.S., but that hasn’t stopped us from imposing these standards on ourselves everywhere we’re doing business. Our data policies represent the strictest of regulations in the U.S. and abroad, and are applied unilaterally.

We want to ensure your personally identifiable information is managed privately and securely. We’ll continue pushing the envelope to make sure you’re protected in any environment. Our bottom line is keeping your data safe, and family dinner uninterrupted.

To learn more about data protection, privacy and personal identity, don’t miss our panel with the FCC at Oktane16. There’s still time to register!

Chris is currently the Senior Director of Security and Compliance at Okta, where he is responsible for corporate compliance, application assessments, and responding to customer security inquiries.

Prior to Okta, Chris spent 6 years leading the adoption of Cloud Technologies at LinkedIn. He is also an active member of the Northern California ski community, where he volunteers with the Tahoe Backcountry Ski Patrol performing search and rescue, and teaching ski mountaineering and outdoor survival.