Security Questions: Best Practices, Examples, and Ideas

Security questions are a common method of identity authentication—one you’ve probably encountered before. When creating an account or signing up for a service online, users will confidentially share the answers to secret questions with a provider.  Typically, these security questions and answers are used for self-service password recovery…

Magic Links: Passwordless Login for Your Users

Magic links are a form of passwordless login. Instead of the user entering any login credentials to sign in, they are sent a URL with an embedded token via email, and sometimes via SMS. Once the user clicks that link to authenticate, they are redirected back to the application or system having successfully signed in—as if they used a “magic”…

What Is Data Theft?

Data theft is the act of stealing information stored on corporate databases, devices, and servers. This form of corporate theft is a significant risk for businesses of all sizes and can originate both inside and outside an organisation. The term data theft can give the impression that this kind of breach is based on malicious intent, but this is…

What Is Biometric Authentication?

Biometric authentication is a security process that compares a person’s characteristics to a stored set of biometric data in order to grant access to buildings, applications, systems, and more. With cybercrime, fraud, and identity theft on the rise, it’s more important than ever for businesses to help customers and employees verify their identity,…

What Is Data Misuse?

Data misuse is the use of information in ways it wasn’t intended for. User agreements, corporate policies, data privacy laws, and industry regulations all set conditions for how data can be collected and used. Data misuse violates these requirements. Unlike data theft, data misuse doesn’t necessarily happen as a result of a cyberattack or when…

What Is a Data Breach?

A data breach happens when cybercriminals gain unauthorised access to a system or network, allowing them to search for sensitive data pertaining to a business and its customers, and using it to extract some form of illegal value. Attackers might sell this data on the dark web, directly engage in fraud, hold the information for ransom, or use it to…

What Is Data Security?

Data security is the protection of digital data and accounts in accordance with laws and industry standards in order to mitigate risks and repel attackers. It encompasses business data, employee information, and customer and user data. If that sounds multifaceted, it is: putting data security into practice isn’t one size fits all. With companies…

Putting Privacy First: Takeaways from RSA Conference 2020

What happens when you put hundreds of security professionals in a room? They come together to identify and discuss the emerging cybersecurity trends, challenges, and opportunities. At this year’s RSA Conference, the theme was “Human Element,” reminding us that every technology-related decision, innovation, and risk has direct impacts on…

Passwordless authentication: where to start

Let’s face it: we’re all tired of passwords. They’re a major pain for users and not nearly as effective at securing accounts as they pretend to be. Thankfully, there is a better way! We are excited to announce a new set of passwordless capabilities in Okta that will allow you to deliver seamless auth experiences to all users! In this post, we’ll…