With so many people working remotely today, IT admins are often dealing with remote computers joined to their local Active Directory (AD) that also need to be connected to Azure AD to make use of newer, cloud-based features. This is what we call a hybrid domain joined state.  Today, you can take advantage of the latest cloud features from a…

Last week, Okta was named as a Leader in Gartner’s fourth edition of its Magic Quadrant for Access Management report. We are the only vendor that has consistently been a Leader since the inception of Gartner’s evaluation of the identity space — starting with the first Identity as a Service (IDaaS) Magic Quadrant seven years ago.  Over the years,…

SMS authentication—also known as SMS-based two-factor authentication (2FA) and SMS one-time password (OTP)—allows users to verify their identities with a code that is sent to them via text message. A form of two-factor authentication, it often acts as a second verifier for users to gain access to a network, system, or application, and is a good…

Viruses, spyware, and other malware can affect more than just desktop computers and laptops. Mobile devices are vulnerable as well. As the threat landscape continues to evolve, it’s important that we not only understand these risks—but how we can protect ourselves against them.  In this post, we’ll take a closer look at the mobile phone security…

Zero Trust is a security framework based on the belief that every user, device, and IP address accessing a resource is a threat until proven otherwise. Under the concept of “never trust, always verify,” it requires that security teams implement strict access controls and verify anything that tries to connect to an enterprise’s network. Coined in…

In our previous posts for this 5-part series on lifecycle management, we offered various best practices you could implement to better manage identity data, lifecycle processes, and access grants. Today, we’ll review the identity-related challenges surrounding audits and compliance, and offer ten ways to gradually chip away at the complexities of…

API is an acronym that stands for “application programming interface,” and it allows apps to send information between each other. While there are numerous protocols and technologies involved, the underlying purpose of APIs is always the same: to let one piece of software communicate with another.  APIs (sometimes described as web services) work in…

Attribute-based access control (ABAC) is an authorisation model that evaluates attributes (or characteristics), rather than roles, to determine access. The purpose of ABAC is to protect objects such as data, network devices, and IT resources from unauthorised users and actions—those that don’t have “approved” characteristics as defined by an…

Magic links are a form of passwordless login. Instead of the user entering any login credentials to sign in, they are sent a URL with an embedded token via email, and sometimes via SMS. Once the user clicks that link to authenticate, they are redirected back to the application or system having successfully signed in—as if they used a “magic”…

Whether you’re building a new app or migrating a legacy app to the cloud, you face a choice: build everything in-house or selectively use out-of-the-box services to make the job easier and faster. Out-of-the-box services like Twilio, for messaging, and Braintree, for payments, have gained popularity because they help lean dev teams remain agile…