security

What is Zero Trust Security?

Zero Trust security is a new strategy for keeping enterprise data secure, rooted in the idea that you can no longer rely on the network perimeter to assess trust. In a Zero Trust model, people are the new perimeter, and identity is the core of maintaining a secure environment. An evolving landscape Historically, organisations have kept their data…

What Is an API?

API is an acronym that stands for “application programming interface,” and it allows apps to send information between each other. While there are numerous protocols and technologies involved, the underlying purpose of APIs is always the same: to let one piece of software communicate with another.  APIs (sometimes described as web services) work in…

To Secure DevOps, We Need to Shift Identity Left

You know it, we know it: DevOps is a core function for any company that wants to deliver exceptional digital products to its customers. But as customers become used to rapid updates and new features from the applications they use every day, there’s an added pressure for your DevOps team to be continually innovating so that your business can do the…

Passwordless authentication: where to start

Let’s face it: we’re all tired of passwords. They’re a major pain for users and not nearly as effective at securing accounts as they pretend to be. Thankfully, there is a better way! We are excited to announce a new set of passwordless capabilities in Okta that will allow you to deliver seamless auth experiences to all users! In this post, we’ll…

Shift Identity Left: Secure DevOps Automation with Okta

To keep up with the rapid pace of innovation, organisations of all kinds and sizes are adopting DevOps practices to better automate the delivery and operations of software in the cloud. A cultural phenomenon that impacts people and process as much as it does technology, DevOps brings teams together with the goal of removing barriers – the…

Putting the 8 Principles of Infrastructure Access into Practise

IT and security teams want to protect sensitive data and systems from online threats to preserve both the bottom line and their organisation’s reputation. This means securing access to cloud and on-prem infrastructure. But legacy techniques have largely failed users and IT administrators in this regard—it’s time for a modern approach. Why have…

What is WebAuthn?

In March 2019, the World Wide Web Consortium (W3C) announced that WebAuthn is now the official web standard for password-free login. With support from a broad set of applications (Microsoft Edge, Chrome, Firefox, Mobile), widespread adoption of WebAuthn is expected in coming years. In this post, we will explore the shortcomings of current…

What is Authentication? The Ultimate Authentication Playbook

With the rise of credential stuffing and similar attack methods, simple username and password authentication is not enough to deter bad actors.   According to the Verizon Data Breach Investigations Report, there were over 55,000 security incidents and 2,200 confirmed data breaches in 2018, with a whopping 81% of those incidents being tied to…

Archive