Why Okta is Privacy-Forward

Last week Okta celebrated Data Privacy Week with a company-wide campaign to reinforce employee awareness of the importance of respecting privacy and safeguarding personal data. This got me thinking about how data protection and privacy have never been more relevant to individuals around the world. We’ve never spent more time online or been so dependent on cloud-based applications and services. Never before has so much data been exchanged, processed, and stored online. Our digital identities and footprints are spread among thousands of servers underpinning applications, search engines, social media platforms, and databases.

In parallel, internet users are uncertain about data privacy. According to a recent poll, 84% of Americans say that they are at least somewhat concerned about the safety and privacy of the personal data that they provide online. The complexity around how their data is collected, managed, and used by solution providers is a real concern. In fact, many service providers and platforms sell and monetize personal data beyond their users’ expectations or knowledge. Many other organizations need to step up and establish the right internal controls for user data to be managed appropriately and responsibly.

In a growing number of jurisdictions worldwide, companies are required to provide users of their products with information on how their data is being used, and empower them to make informed decisions about that data. These requirements align with Okta’s core value of transparency, and for that reason, we aim to communicate openly and clearly with our customers, partners, and their users about how Okta processes personal data.

We continue to see governments around the globe look to enact laws and set regulations to safeguard and protect data privacy. The EU has been at the forefront of this work for decades, most recently with the arrival in 2018 of the General Data Protection Regulation (GDPR). In the U.S., five states have already enacted their own privacy laws, and another 15 states are proposing legislation to address privacy this year. This state-by-state approach creates a patchwork of rules and legislation that can be confusing to the public and challenging to organizations. That’s why Okta supports the passage of a comprehensive federal privacy law that will ensure high levels of protection for individuals throughout the country.

According to the United Nations’ Universal Declaration of Human Rights, privacy is a fundamental right, and it enables other human rights, such as freedom of expression and freedom from discrimination. This belief has shaped the way we look at privacy, the responsibility we bear as an independent identity platform, and the way we have grown Okta to promote important practices in data privacy. We firmly believe that customer data belongs to the customer, that customer data should be processed only as needed for the services we provide, and that we must take appropriate measures to keep that data safe and secure. 

Okta is a privacy-forward company. This means our customers can trust us to continue to uphold high standards in the management of the customer data that they provide to the Okta service. 

Okta was built with privacy in mind. We have built Identity and Access Management (IAM) and Identity Governance and Administration (IGA) solutions that aim to combine security, automation, and compliance goals, all in one. Managing privacy needs has never been an afterthought. 

Okta is independently audited for privacy by third parties. Okta has achieved APEC Privacy Recognition for Processors certification and adheres to the EU Cloud Code of Conduct, both of which require independent audits conducted by third parties.

And why does our independence as an Identity and Access Management company matter? Because it allows us to pursue this privacy-forward stance, and set ourselves apart. Our success stems from this commitment to privacy. As the leading independent identity provider, Okta is uniquely positioned to support the data privacy needs of our customers and their users, now and into the future.