Okta Identity and Access Management in the Cloud
The growing popularity of the cloud and mobile devices has IT departments scrambling to manage users, passwords, and access outside the firewall. Okta offers a powerful platform that addresses the main concern companies have regarding the cloud: security. VP of Products Eric Berg joins us for a discussion on the challenges of securing access to the cloud.
LOCATION: San Francisco, CA
Would you explain in a nutshell what Okta does?
As companies these days are more aggressively adopting cloud computing in their environments, they see a key set of challenges that Okta is helping them direct. End-users get overwhelmed with user names, URLs, and passwords they have to keep track of. They increasingly are trying to access systems not only from desktops or laptops but also from different mobile devices. At the same time, IT struggles to retain visibility and determine who has access to all these different systems outside of the firewall. So essentially, the question is: how can companies centrally manage and control users that are hired and fired from the organization and make sure the right people have access at the right time?
A lot of these companies use something called “Active Directory” to control users and access applications, and we help them extend that out to their cloud application. The other area that we see as a trend in our business is that all these companies, in addition to managing these applications for their employees, are increasingly collaborating with partners and their customers through portal applications. But portals provide similar identity management challenges that need to be addressed.
The cloud is a very hot segment right now with a lot of competing products. What inspired you to establish Okta in an already crowded field?
As we saw companies adopting cloud applications such as Salesforce.com, we thought of fundamentally changing the way users interacted with these applications based on some of the challenges IT had. It was very clear that traditional tools that were built for IT to manage and secure these applications on-premise weren’t going to translate well to the cloud. And secondly, IT traditionally hasn’t been served the tools that have the same benefits as cloud applications: easy to use, cloud look and feel, easy to deploy, quick time to value. It was really that motivation, hitting IT with this migration to the cloud and the opportunity to build a new platform for managing cloud access.
What were the early days of the company like? How did Okta grow from where you were to where you are now?
In the beginning, there were a bunch of us sitting in a subletted space in San Francisco. Like all good companies, we started out with a concept, which was, “Hey, there’s this transition happening and IT organizations are making a move to the cloud.” We had a bunch of ideas in terms of what the key problems were that we should help companies address. So we went out and talked to a lot of CIOs, IT Managers, and Director-level people in order to focus ourselves on what we should build first. We consistently heard two things: “One, our users are struggling to remember all their user names, passwords, and URLS. Number two, we have no way to centrally manage and get access to these applications.” That’s how we started, with a concept and an identification of the major shift that was happening in the marketplace and the pain that customers were experiencing.
One of Okta’s key corporate goals or values is all-around customer success. We have over 125 customers running on the system today, spanning from small businesses to large Fortune 500 organizations. I think one of the ways we got there was to continually focus on doing what was right for our customers and keeping them satisfied.
Going back to the conversations you were having in the early days, how did you turn this into actual customers? What did your sales cycles look like?
Early on, we were just trying to find early adopters, the tip of the spear, the most aggressive adopters of cloud computing. We built the minimum features they needed and then expanded on them based on feedback from our pilots. We have always had a very aggressive development cycle. We release new features on a weekly basis. This allows us to be very nimble and respond to customer feedback by getting functionality out there quickly for them to benefit from. So over time, we expanded our feature set to today, where we have a product portfolio with one version of our product that is priced and packaged for customers rolling out their first application to an organization that has 40-50 applications in their environment.
How big is Okta? Do you have offices besides the one in San Francisco?
The majority of our 80+ people are in San Francisco. We also have field sales organization that is scattered throughout the US. Today, we are focused primarily on North America. We do have a lot of customers with end-users covering 60 countries.
Who do you compete with in this area?
I see a couple of different classes out there. On the identity management side, which is our main focus, you’ve got the legacy vendors who are struggling to figure out how to address some of these problems in the cloud, such as Oracle. Like a lot of on-premise software, they are expensive and difficult to deploy. You might see them in a very high end of the market in terms of customers who have that kind of money, but they don’t do well in the mid-market.
What does Okta do differently?
We built Okta from the ground up as a native cloud service. Our CEO and co-founder, Todd McKinnon, was the ex-VP of Engineering at Salesforce for about seven years prior to starting Okta. He has the technical chops and the understanding of how to build a scalable multi-tenant cloud service. All our customers are running on the same version of code, so we can update it quickly. We’ve also invested in an enterprise-class service for reliability and security. The Amazon Web Services outage is a great example of how some big names like Netflix and Pinterest had availability issues because Amazon went down. We happen to run on Amazon as well, but we have invested a tremendous amount in software from an operational standpoint to ensure we can run a reliable and robust service. If you think about it, Okta is the service that controls how all their users get access to their business applications. It is a very critical service to be up, so we have something called our “zero-downtime” architecture where we update the system on a weekly basis and never have to take it down for maintenance. When we give an SLA, there is no such thing as a maintenance window. When companies make a pretty significant investment in something that is going to be a part of their core infrastructure, they need to know they can trust that is secure and reliable.
How are you able to have such high-availability in comparison to, for instance, Netflix? What happens when things do go wrong?
Our SLA guarantees 99.9% up-time. That’s built into all of our contracts, but we actually have hit 99.99% over the last year. As my Ops guy likes to say, it is not one particular thing we can point to but a collection of things we have done in our software architecture to ensure that we have fault tolerance and the right level of monitoring. It is also the fact that we are running across seven different availability zones on Amazon Web Services and multiple geographies and data centers.
What challenges do you see in your market segment? How can companies overcome those?
I think features come and go and we will continue to add capabilities. One of the top concerns is always security, and that applies to our business in two ways. One, we help those who are adopting cloud applications pull together and manage access and secure their applications in one central place, connect them back to their on-premise infrastructure such as Active Directory, and eliminate Excel spreadsheets as a way to store passwords.
Number two, a large percentage of the market will say, “I can see how you make my usage more secure, but are you secure and are you someone I should be storing my identity and credentials with?” When I look at challenges there, I think it is continuing to do what we have done and continuing to bring in customers and make them successful. Customers will look at our track record and understand that having a team and company dedicated to building a reliable infrastructure is better than having a couple guys on their IT staff doing this internally. Of course there will always be features here and there that we’ll need to add, but it’s really building up that trust in the marketplace that’s key, so that we can both help customers deploy more cloud applications and make sure that more people are comfortable with moving their identity to the cloud.
What do you see as the most exciting thing about Okta?
Just from a culture standpoint, I think we have a great bunch of people here and a really unique combination of people who have been successful doing other things. They have come together at Okta to experience a major shift that is happening in IT. Everyone wants to be part of the next major player that helps people shift to the cloud. It’s fun to be with a bunch of people who have great aspirations and, yet, everyone also knows how to check their egos at the door. You have a bunch of people who are excited about doing something big and impactful but not too full of themselves.
The second thing is, we get to work with some great customers. These are the people that are out on the cutting-edge, who are thinking about how the cloud can transform IT and have an impact on their business.
Who are the most interesting people in your market segment right now and why do you think so?
I have to give a nod to Salesforce, just because they continue to push the cloud. They are expanding into a lot of different workloads and new capabilities for a social space, and they are trying to extend out into a Platform-as-a-Service. They continue to be successful in the cloud while also pushing their way into new markets. I think what Google is doing with the GoogleApps capabilities revolutionizes the market and gives Microsoft a run for their money. But in general, I think most of the innovation we’ll be seeing will come out of start-ups versus larger companies. That is going to be an interesting thing to watch.Tags: Cloud Security, Okta, Web Identity Management