UK Businesses: It’s Time to Ban Your Mother’s Maiden Name

Last month we released our first ever “Businesses @ Work” Report, which shares findings from our network of 4,000 applications, thousands of custom integrations and millions of daily authentications and verifications around the world.

Our dataset identifies several fascinating industry trends for those making or considering significant investment in cloud and mobile. As head of Okta’s UK operations, I was interested in the tendencies on our side of the pond. Are us Brits bucking the trend in any sense when it comes to how we work?

Well I found the answer is, yes we do – but not necessarily in a good way. The biggest point that gave me cause for alarm is that UK businesses won’t let go of the security question as a form of verification. While the global trend is for companies to move away from questions about birthplaces and bloodlines as verification methods – having dropped 14 percent worldwide since April 2014 – usage of traditional security questions in the UK actually increased 17 percent in the same time frame.

Updating the Fax Machine for the 21st Century: DocuSign Goes Global With Okta

From signing a lease on a house to initialing a salary contract from your employer, some of life’s most important moments are memorialized by a pen-to-paper agreement. Unfortunately, the excitement that stems from these monumental moments can be stifled by lost packages, finicky fax machines and inkless pens.

What if you could send contracts at the speed of light, and get a response just as quickly?

Okta customer and partner DocuSign comes to the rescue with their digital transaction management service, making users more productive and efficient by decreasing the amount of time required to sign deals and get approvals. The DocuSign team recognized the need for speed and security when it came to these transactions, and we jumped at the chance to sit down with Mike Dinsdale, DocuSign’s chief financial officer, to learn how DocuSign has realized cost savings (>$200k in annual IT savings) and improved employee productivity - and delivered a great service so you can get that signature more quickly than ever. Mike shared some great insight about the changing role of the CFO also shared insight into the 325% ROI on Okta investment. Read below for more details.

It's not often we speak with a CFO about their company's technology. What’s changed about the CFO's role?

I think the new CFO is about accelerating the business. If we provide the best tools and allocate resources to the best places, we can drive the value of the business the most. We’ll also be able to provide customers with all the different products, by applying the right resources to areas that will move the company forward from a product perspective, to move the company forward and create value for everyone.

Update from Okta - Heartbleed

You’ve likely read about the Heartbleed vulnerability that has affected much of the Internet. The short version: Heartbleed is a bug that affects the way online services encrypt connections between their service and their users, and if not corrected can lead to sensitive information being revealed. Most services and sites on the Internet use OpenSSL, the code that was affected, making Heartbleed a top story this week. We want to tell you about Okta’s response.


Security companies set themselves apart with their response times. Since the initial alert regarding Heartbleed, Okta quickly addressed the bug, updated its service, and eliminated any Heartbleed vulnerabilities going forward.

We have no evidence that any Okta customers have been maliciously impacted by this vulnerability, and we continue to actively monitor and investigate any and all potential issues.

We’ve been working with our customers to outline additional steps they can take going forward. An example is enabling Multi-factor Authentication for even more security. For our customers, all of those steps are outlined here.

Recognizing the Password Problem: Two-Factor Authentication in the Spotlight

Verification has been making the news lately. Earlier this month, Box announced that it was adding a two-step login verification, just weeks after Dropbox added two-step verification. And it was Wired journalist Mat Honan’s devastating personal identity hack in August that inspired my blog series on what it takes to build secure cloud services for the enterprise. Two-factor authentication for Honan’s Google account, after all, likely could have prevented the attack.

On Friday, the New York Times published “Doing the Two-Step, Beyond the A.T.M.” about the recent installation of two-factor authentication across companies like PayPal, Dropbox, and Google.