Compliance

Securing Data Across APAC: Achieving APEC PRP Certification

At Okta, trust and transparency are core to who we are as a company. These values critically inform the way we view our responsibilities to our customers and to the personal data of their users that they entrust to Okta. The keystone of our transparency is providing our customers with a clear understanding of how we collect, process, and secure…

What Is SOC Compliance?

SOC is a set of standards that allow companies to demonstrate they are managing and regulating information properly. SOC stands for “service and organization controls”; developed by the American Institute of Certified Public Accountants (AICPA), these regulations exist to give companies peace of mind when exchanging customer data with third-party…

Okta’s Response to the Court of Justice of the European Union’s Decision on Transfers of Personal Data

Okta is the identity company that stands for trust. We consider the security and privacy of our customers’ data as foundational elements of our business. Today, we’re updating our customers about their transfers of EU individuals’ personal data to Okta’s service, in light of the July 16, 2020 decision of the Court of Justice of the European Union …

CCPA vs. GDPR: Similarities and Differences Explained

The California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR) are legislations that emerged to give consumers greater power over their personal information. Both regulate organizations that collect and use data in a variety of ways. A brief definition of the CCPA: Gives California residents increased transparency…

Founders in Focus: DataGrail

Welcome to the next post in our Founders in Focus series. This month, we’re getting to know DataGrail, and their mission around privacy compliance. What is DataGrail and what is your mission? DataGrail aims to make privacy compliance easier for organizations. Our platform eliminates the error-prone, manual, and time-consuming processes associated…

What is GLBA compliance?

The Gramm-Leach-Bliley Act (GLBA), also known as the Financial Modernization Act of 1999, is a United States Federal law that was originally enacted to modernize the financial industry. The law mandates that financial institutions disclose their information-sharing practices to their customers and proactively secure sensitive data. The Two…

How Okta Helps You on the Path to CJIS Compliance

U.S. law enforcement agencies have to operate within very strict parameters to access and handle criminal information that’s stored on Criminal Justice Information Services (CJIS). Local, state, and federal law enforcement agencies are mandated under the CJIS Security Policy, which guides these institutions in how to avoid vulnerabilities,…

How to Protect IL4 Data with Okta

The Federal Risk and Authorization Management Program is an assessment and authorization process that US government agencies use to ensure their cloud-based applications are appropriately secure. Under FedRAMP Moderate or FedRAMP+, cloud service providers (CSPs) must meet an extensive set of controls—up to 363—to be granted an Authority to Operate…

How to Be FedRAMP Compliant with Okta

Government agencies are often responsible for storing key information about their citizens, making security a critical focus area when it comes to working with cloud service providers. The Federal Risk and Authorization Management Program (FedRAMP) is an assessment and authorization process used by US government agencies to ensure proper security…

How to Inherit FedRAMP Authorization

What is FedRAMP? In my last post, “What is FedRAMP?”, I talked about the basics of FedRAMP and how organizations can become certified. To summarize, the Federal Risk and Authorization Management Program (FedRAMP) is an assessment and authorization process used by US government agencies to make sure proper security controls are in place when adopting cloud-based…