Okta CEO: Here’s where cloud identity management is headed

Todd McKinnon, CEO and founder of Okta, talks about the road ahead for his company and the future of identity and access management in the cloud.

Todd McKinnon, CEO and founder, Okta
Todd McKinnon, CEO and founder, Okta

Todd McKinnon founded Okta in 2009 on the outrageous notion that business user identity could be managed in the cloud. In an in-depth 2013 interview on InfoWorld, McKinnon, the former VP of engineering for Salesforce, argued that mass migration to the public cloud was unstoppable. As predicted, the number and variety of cloud applications exploded, and Okta played an increasingly important role in cloud identity and access management (IAM).

A wildly successful 2017 IPO followed. Today, Okta positions itself as a cloud service to manage customer IAM as much as enterprise user IAM, with an integration platform that enables Okta to gatekeep for thousands of applications. The company is also venturing into machine-to-machine IAM, a key part of the zero trust model.

In this edited interview, McKinnon talks frankly about Okta’s roadmap and offers opinions on several key security issues of the day. The conversation began with a brief discussion about our current work-from-home world, in which adoption of cloud applications has accelerated, particularly collaboration and video conferencing services—presenting yet more opportunities for Okta. As McKinnon puts it, “it’s great for us, even though it feels crappy to say that because of the pandemic.” The interview then moved to the most damaging APT ever discovered.

CSO: What’s your take on the SolarWinds attack and its implications?

McKinnon: SolarWinds highlights a couple of things. The first is that on-prem is not necessarily more secure than the cloud. The second thing, I think, is a massive, concrete reinforcement of the concept of zero trust.

To continue reading this article register now

Make your voice heard. Share your experience in CSO's Security Priorities Study.