security

Cyber insurance is a promising tool companies can leverage to mitigate the risks of cyber attacks, data breaches, and business disruption. Just like with all forms of insurance, businesses need to ensure they’re protected against loss when the unexpected happens. Moreover, certain steps need to be taken—or criteria met—in order to remain insured…

Two-factor authentication (2FA) is a form of multi-factor authentication (MFA), and is also known as two-step authentication or two-step verification. 2FA is a security measure that requires end-users to verify their identities through two types of identifiers to gain access to an application, system, or network. Think of your most recent login…

How important is it to implement Zero Trust? We asked over 600 business and security leaders across North America, Asia Pacific (APAC), Europe, the Middle East, and Africa (EMEA)—and the overwhelming consensus is that it has become crucial. With the unprecedented shift to remote work, the adoption of new digital products and services, and the…

Every company that operates production software has compliance requirements. The vast majority of those organizations also carry significant infrastructure in the cloud and/or on-premises. And they all require a safe way to provide access to their developer workforce. Traditionally, there were two ways to achieve this: building a DIY system to…

Software powers your business. Infrastructure powers your software. To remain competitive in today’s fast-paced landscape, your applications need to be highly available and performant. To meet that demand, your systems need to be resilient and secure. When you add that up, it’s the Operations and Security teams that carry the responsibility of…

Introducing Okta + NetMotion: Future-proof and Secure Remote Access for a Post-COVID World We’ve entered into a new era of identity. As organizations have had to become increasingly flexible in supporting distributed, remote teams, they’ve also had to put an increased focus on security. With workforces worldwide becoming more mobile and dynamic—a…

This is the third and final blog post in our Adapt to the Cloud Operating Model series.  With any organizational change that impacts people, process, and technology, it’s best to take it in stride. When talking with customers about their Zero Trust security initiatives, an analogy I often use is: “if Google’s BeyondCorp is the peak of Mt. Everest,…

Viruses, spyware, and other malware can affect more than just desktop computers and laptops. Mobile devices are vulnerable as well. As the threat landscape continues to evolve, it’s important that we not only understand these risks—but how we can protect ourselves against them.  In this post, we’ll take a closer look at the mobile phone security…

Zero Trust is a security framework based on the belief that every user, device, and IP address accessing a resource is a threat until proven otherwise. Under the concept of “never trust, always verify,” it requires that security teams implement strict access controls and verify anything that tries to connect to an enterprise’s network. Coined in…

API is an acronym that stands for “application programming interface,” and it allows apps to send information between each other. While there are numerous protocols and technologies involved, the underlying purpose of APIs is always the same: to let one piece of software communicate with another.  APIs (sometimes described as web services) work in…