Compliance

TL;DR: Identity touches every point of your business. Here’s a checklist of what you should be asking yourself when shopping for an Identity solution.   Looking at Identity and Access Management (IAM) solutions and shaking your head? Are you wracked by decision paralysis as you weigh options, unsure how to narrow them down?  We get it: Identity…

There comes a time in every SaaS company's journey when they’re ready to move upmarket and start landing enterprise logos. While your app might be a winner with small business customers, scaling it to enterprise customers might cause some heartache. It’s not just about beefing up your features; it’s about creating an enterprise-grade solution to…

This recipe is part of the series Learn CIAM by example: Four recipes to improve your app’s security and UX. You can learn more about the series by downloading our four recipes in a cookbook format. In this recipe, you learn how to add passwordless auth to your application using passkeys. Consumers want to see and do more digitally, and they…

Federal Information Processing Standards (FIPS) are security standards developed by the National Institute of Standards and Technology (NIST). For organizations to adhere to FIPS compliance, the system or product must meet configuration standards and pass rigorous audits through regular third-party assessments. To demystify FIPS compliance in Okta…

A key pillar at Okta is building a world where anyone can safely use any technology. But for some of us, there are analog blockers as well. For Accessibility Week, we’d like to dig into how Okta makes sure everyone really means everyone.  How do we define accessibility? From a technical design perspective, accessibility is designing our products…

The Pentagon on Wednesday announced Google, Oracle, Amazon, and Microsoft as the awardees of the new cloud architecture called the Joint Warfighting Cloud Capability (JWCC), which will service across all of the Department of Defense’s (DoD) security domains and classification levels. The driving force behind this multi-cloud, multi-vendor era is…

If your organization provides products or services to the U.S. Department of Defense either as a prime contractor or a subcontractor, then you’ve probably heard a lot about CMMC lately. In this post, I’ll provide some background about what CMMC is and share a breakdown of how using Okta can help your organization meet specific controls required by…

The California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR) are laws that emerged to give individuals greater power over their personal information. Both regulate organizations that collect and use data in a variety of ways. A brief summary of the CCPA: Gives California residents increased transparency and control…

Put simply, personal data is information that relates to 1. an identified or identifiable person or 2. an identified or identifiable legal entity (where such information is protected similarly as personal data under applicable data protection laws and regulations). While regulations use different terms with slightly varying definitions, “personal…

At Okta, trust and transparency are core to who we are as a company. These values critically inform the way we view our responsibilities to our customers and to the personal data of their users that they entrust to Okta. The keystone of our transparency is providing our customers with a clear understanding of how we collect, process, and secure…