security

For over a decade, Okta has led the way companies access data and apps in the cloud, allowing organizations to securely transform into modern digital businesses. As we continue to innovate to protect our customers from identity threats like the rise of phishing attacks, we need to ensure they can harness the same technology to secure access at any…

There’s a popular business adage that we’ve found to be pretty credible: “You are what you measure.” No matter how well you may think you understand your customers or your industry, you won’t know for sure until you dig into the data.  At Okta, we’ve seen our users opt for ever more robust sign-in solutions over the past 14 years. But what’s the…

  International revenue share fraud (IRSF), also known as toll fraud, is a type of fraud where fraudsters artificially generate a high volume of international calls/SMS on expensive routes. Here’s how it works. Fraudsters exploit Okta’s authentication flow and make expensive phone calls and/or texts as part of the MFA flow where phone/text is used…

In today's dynamic digital landscape, Zero Trust architecture has emerged as a critical paradigm shift. With the constant evolution of threats and the increasing complexity of digital environments, organizations must adopt a comprehensive security approach that challenges implicit trust. Zero Trust enables effective protection against advanced…

Meeting compliance challenges in a boundaryless world  Today’s organizations are operating in an increasingly complex technology and business environment. Workforces that may have once been composed solely of in-office employees are now made up of a broad range of contributors, including contractors and business partners, all working across time…

Okta, the World’s Identity Company, is calling on every company that makes or uses software to start their own passwordless journey today and reduce their reliance on passwords for new applications by the end of 2025. Passwords are a headache for consumers and businesses and are often one of the weakest links in an organization's cybersecurity…

We’ve seen a lot of turmoil in the global banking system in recent weeks. Several near-simultaneous failures in the U.S. and Europe have rattled public confidence in banks and financial institutions, according to at least one recent poll. For the average consumer, the old mattress might be looking like a more appealing place to stash their savings…

By embracing the cloud and new standards, the Department of Defense (DoD) can advance its information systems and guide the modernization of cybersecurity as required in Pillar 1 of National Cybersecurity Strategy, Section 3 of Executive Order (EO) 14028, Improving the Nation’s Cybersecurity, and Section 1 of National Security Memorandum on…

In support of the U.S. Department of Defense (DoD) Zero Trust Strategy, the Army is developing a service-specific Zero Trust Strategy, tentatively named “Knights Watch”. To move towards an integrated security architecture, the Army will divest from aging infrastructure, develop trained staff, and lean on industry partners.  Similar to previous…

Human actors still drive the vast majority of security breaches. In 2022, 82% of breaches involved the human element, whether it was the use of stolen credentials, phishing, misuse, or simply an error, according to Verizon's Data Breach Investigations. Yet, humans alone cannot protect against these threats. Security automation is critical to…