Okta Service Certifications
Okta complies with a range of industry-standard certifications and authorizations. These include:
Okta has achieved ISO 27001:2013 certification, proving our expertise in securely managing information technology systems.
Okta's ISO 27001:2013 certification is available here.
Our ISO ISO 27018:2019 certification, (revises and replaces ISO 27018:2014), demonstrates our ability to secure personally identifiable information (PII) in the cloud.
To learn more about ISO 27018:2019, click here.
FIPS Validated 140-2
Helping you meet your compliance requirements
While Okta can’t solve every regulatory challenge, the Okta Cloud Service can help you work in accordance with the following compliance requirements:
Our HIPAA Compliant Service instance serves customers in the highly-regulated and security-conscious healthcare industry.
To learn more click here.
Okta has a PCI Attestation of Compliance, and Okta MFA qualifies as a compliant multi-factor solution under current PCI-DSS requirements. This enables customers to use Okta as a supporting system for PCI compliance.
For more information, click here.
Sarbanes Oxley (SOX)
Okta’s tools help ensure that your SOX controls are in place and generating evidence for auditors. Our service gives your IT team a single location for all application provisioning and deprovisioning. We can also help you enforce password complexity requirements and provide single sign-on access, streamlining downstream audits.
Okta’s IAM system provides a strong foundation for GDPR compliance and can help reduce your risk. You can learn more and download Okta’s GDPR-compliant DPA at https://www.okta.com/gdpr.
Our IAM solutions can help you to comply with the access requirements specified in the constantly-evolving New York Department of Financial Services security regulations.
Learn more about Okta’s approach to compliance
Want to find out how Okta can help you meet industry-specific compliance standards? Follow the links below: