Zero Trust

As the digital landscape evolves, the need for robust security measures becomes increasingly critical. Organizations are constantly exploring innovative ways to ensure secure access to their systems and data. In this pursuit, Okta has taken a significant step forward by integrating its device assurance policies with Google's Device Trust Connector…

Nearly two decades ago, the U.S. Homeland Security Presidential Directive 12 (HSPD-12) established a new identity policy for federal employees and contractors. Its goal was a strong, government-wide approach to secure both physical and logical access. Today, the Personal Identity Verification (PIV) and Common Access Card (CAC) standards are…

Federal Information Processing Standards (FIPS) are security standards developed by the National Institute of Standards and Technology (NIST). For organizations to adhere to FIPS compliance, the system or product must meet configuration standards and pass rigorous audits through regular third-party assessments. To demystify FIPS compliance in Okta…

The rise of Zero Trust architecture has brought new challenges to the table. With a Zero Trust approach, it's no longer sufficient to simply trust that a user's credentials are valid. Organizations must also verify the device itself to ensure that it meets their security standards. One key way to address this challenge is by enabling device login…

In today's dynamic digital landscape, Zero Trust architecture has emerged as a critical paradigm shift. With the constant evolution of threats and the increasing complexity of digital environments, organizations must adopt a comprehensive security approach that challenges implicit trust. Zero Trust enables effective protection against advanced…

As the leader of Okta’s US Public Sector business, my top priority is supporting government agencies as they modernize IT to improve efficiency and service delivery. This includes adopting zero trust to strengthen cyber posture and prevent fraud. Throughout every interaction, a consistent theme emerges: Identity is critical to the success of their…

Today’s workforce is dynamic with employees working from the office, home, and other remote locations across the world. For organizations, Zoom has increasingly become the de facto solution for video conferencing, connecting them to employees and customers. But the shift to remote and hybrid work has left IT and security teams with a new challenge…

In support of the U.S. Department of Defense (DoD) Zero Trust Strategy, the Army is developing a service-specific Zero Trust Strategy, tentatively named “Knights Watch”. To move towards an integrated security architecture, the Army will divest from aging infrastructure, develop trained staff, and lean on industry partners.  Similar to previous…

Every week, reports of cyberattacks hit the news. While these headlines primarily focus on for-profit businesses, nonprofits are not immune. In 2021, U.S. businesses and public entities suffered 26,074 incidents, with a total cost of close to $2.6 billion, according to the U.S. Government Accountability Office.  Nonprofits make attractive targets…

While the term “Zero Trust” is ubiquitous enough to feel like a buzzword, adoption of the security framework is not as widespread as you might think.  The security industry has been discussing the reality of the shifting perimeter for nearly two decades, with origins back to the Jericho Forum, an international group working to define and promote…