セキュリティに対するOktaの包括的アプローチ
世界をリードするセキュリティ機能に対するOktaの投資は、すべてのお客様にメリットをもたらしています。
Oktaの運営は、セキュリティ責任共有モデルに基づいています。このモデルでは、OktaがIdentity Cloudとその基盤インフラストラクチャの安全なデリバリに責任を負います。その一方で、お客様は構成可能なポリシーの幅広いオプションを利用して、それぞれの要件に沿ってアプリケーションへの安全なアクセスを確保します。
私たちのビジョンは、お客様があらゆるテクノロジーを安全に使用できるように支援することです。Oktaは、ベストオブブリードのセキュリティツールをサポートし、Identity Cloudに組み込まれたネイティブのセキュリティ機能を進化させることを約束します。
SECURITY COMPLIANCE
Okta complies with a range of industry-standard certifications and authorizations.
Okta's Security Documentation for Current Customers
Okta’s SOC 3 Report + Standard Security Questionnaires
Okta's Service Certifications: SOC2, ISO 27001, CSA-Star, FedRAMP ...
SYSTEM LOGS & DATA RETENTION
Okta is committed to providing all customers with access to system logs, which can be searched from the admin console or streamed to third-party security tools.
RESILIENCE & AVAILABILITY
Learn about Okta’s approach to scaling the identity cloud.
Not All Cloud Services Are Built Alike
Scaling Okta to 50 Billion Users
PRODUCT SECURITY FEATURES
Okta provides a broad array of policy configurations for admins to choose from.
Okta Classic security features
Okta Identity Engine security features
HealthInsight Tasks and Recommendations
Supported platforms, browsers, and operating system
VULNERABILITY POLICY & PENETRATION TESTING
Okta aggressively hunts for bugs in our software using four concurrent security programs: internal tests, third-party audits, public bug bounty program, and a highly-responsive customer bug reporting program. We support customer pentesting of Okta and provide test environments for that purpose.
DEPLOYMENT GUIDES
Our guides to secure configuration of Okta-related services.
Set up and manage Okta's LDAP Interface
Getting the most out of Okta ThreatInsight
How to Mitigate Toll Fraud when Using Okta for Voice Authentication
PRIVACY & DATA SECURITY
Okta’s data protection meets the highest industry standards, complying with FedRAMP and NIST 800-53, HIPAA, ISO 27001/27017/27018 and GDPR requirements.
Okta+Privacy and Privacy Policy
GDPR-compliant Data Processing Addendum (DPA)
PRODUCT INFO & RELEASE NOTES
EXTERNAL RESOURCES
AWS Data Center Controls and Global Infrastructure
AWS KMS cryptographic details
AWS Artifact: Central resource for AWS compliance (SOC2 report)