Good afternoon and welcome to Okta's Virtual Investor Day. I'm Dave Gennarelli and Head of the Investor Relations team here at Okta. First of all, let me say that I hope that you are all safe and well in this current environment. We're happy to be able to deliver this event in a virtual format and I imagine that most of you are tuning in from your home offices, so we're all making adjustments. Hopefully, you were able to tune into Todd's keynote presentation at OctaneLive this morning.
That content really helps set the table for what we have lined up for you this afternoon. Additionally, you should have seen this morning's press release announcing today's event and the adjustments we made to our Q1 and our FY 2021 guidance. Now let's take a look at the agenda for this afternoon. We have a great lineup for you with our CEO, Todd McKinnon kicking things off. Diageali, our Chief Product Officer, will provide more information on the new product and feature announcements that we made this morning, as well as to go into more detail on how our products extend our market leadership.
Charles Race, our Head of Worldwide Sales, will give you more insights on our go to market strategy and Bill Losch, our CFO will provide more color on our financials. Interspersed throughout the content, we have our Co Founder and COO, Frederic Kerist, conducting conversations with 2 great customers, Dentsu and Hewlett Packard Enterprise, as well as an important channel partner of ours, Optiv. Note that we'll have plenty of time at the end of the presentations for Q and A. And if you would like to submit a question, please do so through the webcast client or send an email to investorokta.com and we'll get to as many as possible. And of course, our attorneys would not forgive us if we did not mention that we will make forward looking statements in these presentations.
So please see all of our risk factors, including the ones in our most recently filed 10 ks. We have a lot of material to cover. So with that, I'll turn it over to Todd to get things going. Todd?
Good afternoon, and thanks for joining us today. I hope that you're able to watch the Oktane Live keynote this morning. I'm proud of the product innovation, customer success and partnerships we showcased and that we were able to provide a unique digital experience while protecting our community. While it's unfortunate that we couldn't be together in person today, I'm grateful that we are in a position to both build and use technologies that make it possible for us to work productively and securely from any location at any time. I'm excited to talk about our long term opportunity with you.
While there is a lot more risk and uncertainty in the world today than in the last 3 or 6 months, we are adapting to the new reality we live in. Today, I wanted to share how I run the company and how Okta is working together as a team, but also the foundation of strength Okta is in. We have $1,400,000,000 in cash on the balance sheet. We have an amazing team focused on customer success and building an iconic company over the long term. We have a strong customer base with recurring contracts and the products we are building are critical to adopting the technologies every organization needs to use both right now and in the future.
Okta is the identity company that stands for trust, Connecting people to the right information at the right time with the right tools is a job that we take very seriously. Identity and access is a foundational component of the modern business. That trust is more important than ever today amidst the global COVID-nineteen pandemic. As a critical service, we understand how important it is that we are both a trusted partner and a trusted platform. I think it is helpful to be very clear about how I am leaving the company to navigate and manage through these times.
When there is uncertainty, it helps to go back and think about the fundamental priorities and values you have and frame everything around those. In my mind, there are 3 priorities driving us forward. The first is the health and safety of our employees in our community. Every decision we make in the short term will prioritize our community's health. Nothing is more important to me or the leadership team.
The second is customer success. Our service has to remain scalable, secure and reliable and we need to go the extra mile in whatever customers need. Identity is a critical service and as more Okta customers move to a work from home and a distributed model, we're ready to help. The third thing is that we continue to adapt. We have to make the right decisions quickly and be as flexible and agile as possible.
We are being opportunistic where we can, but realistic about what we can achieve right now. There is no question that the long term secular trends, adoption of cloud applications, digital transformation and deployment of 0 Trust security environments are in our favor. We are central to the new model of work and we are well positioned to adapt. What's happening internally gives me an incredible amount of confidence that the team is taking the right actions to lead. In just the last few weeks, as our health and safety team watched the pandemic evolve, we moved quickly to enable all of our offices to work completely from home in just a few days.
We turned all of our events, including Octane Live and today's Investor Day to digital experiences, so that we can continue to engage, educate and build relationships with all of our stakeholders. We helped many customers like FedEx and Experian move fully remote. Experian pushed the majority of their 17,000 people remote in just
a few days.
FedEx accelerated their rollout by months for 400,000 users. For all our customers, Okta is a key enabler for their remote technology. And in small and big ways, our team is managing to give back to our local communities from grants to support nonprofits and small businesses to funding food security and support for the most vulnerable. Okta's vision to enable any organization to use any technology feels even more vital to me today than ever before. Not only our organization is dealing with new dynamic and distributed workforces, they are struggling to manage huge technical ecosystems, while doing it securely and freeing up their scarce talent to innovate.
Today, customers recognize that the cloud has changed everything and that is forcing every company to become a technology company. This is why many of the world's largest organizations are looking to Okta to help them navigate this new environment and implement an identity solution that will meet their complex hybrid environment needs. One of the areas that we've been investing in is growing our base of large enterprise customers. As you heard this morning, Discovery Communications moved their entire workforce to work from home using the Okta Identity Cloud. And NTT Data is using Okta Workflows to create a centralized identity process across 900 companies in over 40 countries.
These large enterprise customers join thousands of Okta customers from every industry and size. The success of these customers is driving Okta's own success. When you look at the trajectory of Okta, we spent the 1st 10 years building the company, the core set of products in our platform. Today, we're focused on leveraging the benefits of our platform by connecting and exposing a set of services that our network of partners and customers can build on. Long term, trust in the Internet is a critical part of its success, and a function of that trust is that people are who they say they are and can access the right information at the right time.
As more organizations and more people use Okta, we'll set the standards for protocols around authentication, authorization and accounting of users, applications and devices. On the way to that longer vision, we have a plan for our fiscal year 2021. Our internal theme is to leverage our unique ability to be agile, flexible and responsive to a changing world. We'll continue to make our customers successful, execute and focus on the long term opportunity. Okta has reached a stage of maturity where our customers and prospects are asking us to help them navigate the future, not the other way around.
This shift is very important for us, especially now. We can help organizations stay secure as they shift to new distributed work environments and help them build delightful customer experiences as people move more and more of their buying power online. We're helping our customers turn 3 major business challenges into opportunities. We're providing solutions to modernize their IT departments, deliver seamless and secure customer experiences and adopt 0 trust security models. In doing so, we are also addressing what CEOs and Board members really care about reducing costs, accelerating revenue and reducing the risk of security breaches.
We only see these secular trends continuing to accelerate. Organizations need to invest in and standardize on the right core platforms. A big difference in the current generation of technology versus previous ones is that identity isn't part of other platforms, it's its own platform. And not just that, it's the most important platform. Now admittedly, I'm biased, but think about it.
Your identity platform connects users and devices to all the other platforms. It keeps things simple to use and secure. It makes everything work better together. The Okta Identity Cloud is backed by the Okta Integration Network, the broadest and deepest set of integrations by far in the industry. Our broad ecosystem of customers and partners are building and maintaining integrations to a variety of technologies.
This means it will be future proof. Wherever technology goes, we'll be integrated to it all. Today, we brought together some of our key and I spoke about and I spoke about the importance of identity and our commitment to enable passwordless enterprise experiences. Google's Head of Product for Chrome OS, John Melitas, and I discussed our security alignment and our plans to empower the workforce and drive innovation together. And with VMware COO, Sanjay Poonan, we shared the power of our companies to deliver end to end security and bring our joint customers a 0 trust architecture.
We're building the world's only identity platform. The Okta Identity Cloud is independent and neutral and securely connects the right people to the right technologies at the right time. It's scalable and secure to help you build any kind of customer experience you can imagine and enables you on your journey to build a 0 trust architecture for your organization. This concept of platform is important to us. The essence of platform is that it can support any use case or scenario any customer needs.
This is how we continue to expand our TAM and how we continue to make customers successful and enable them to use any technology. My announcements today were all about how we're moving our platform vision forward. Platforms are built on reusable services. For an operating system, think memory management or display management. For an infrastructure service, think compute, storage or database.
The Okta Identity Cloud is no different. It's built on 6 platform services. They provide reasonable functions across products. This approach allows us to innovate quickly to enhance existing products, release new products and allows our customers to innovate by accessing these services directly through APIs and SDKs. We announced 3 new platform services and a number of important product features and capabilities they enable.
For customers, this means more power and flexibility to address a greater number of use cases faster. With the Okta Identity Engine Platform Service, customers have the opportunity to tailor workforce and customer access experiences. Identity Engine also unlocks oft requested features like app level policies and flexible account recovery. With the flexibility provided by Identity Engine, we can help customers meet unlimited identity use cases. Okta Workflows makes our platform programmable.
This is essential to covering any process or scenario a customer has and it's a visual environment. You point and click to create the program. So it's not just for developers. It can be used by IT admins, security teams and business analysts. The people who know the process can program it in Okta.
Within our advanced lifecycle management product, this enables deeper onboarding, more flexible offboarding and supports complex identity conflicts. Okta Devices is a transformational new service that pulls identity out of client devices and centralizes it in Okta. This means we can use device identity in context to improve access decisions and user experience. It also means customers don't have to rely on legacy Active Directory. It enables customers to move to 0 trust security with features like limited access, remote sign out and device visibility and integrations with endpoint security ecosystems.
And it's not just about individual platform services, but combining them to make something new like Okta Fastpass. Okta Fastpass finally delivers a cross platform, cross device passwordless experience that's a delight to use and keeps users secure. FastPass is a unique competitive advantage. There is nothing like it in the industry, which provides an end to end passwordless experience. In addition to what we've added to the product portfolio over the past few years, these new platform services and features help our customers solve complex problems and also expand our market opportunity.
Historically, the market for identity was about $8,000,000,000 This is for legacy on prem solutions. The cloud opens up a much bigger opportunity for both workforce and customer identity. When we went public about 3 years ago, we estimated that the TAM for workforce identity was $18,000,000,000 worldwide. That number has increased to $30,000,000,000 as we've grown our product portfolio, increased the value of our products and as the number of potential target companies has grown. If we look at customer identity, we believe that adds an additional $25,000,000,000 to our market opportunity for a total addressable market of $55,000,000,000 In the following sessions, you'll hear from Okta's Chief Product Officer, Diya Jolly, on our product strategy and roadmap.
From my Co Founder, COO and Executive Vice Chairman of the Board, Frederic Kerrest, You'll hear conversations with Okta customers Satish Iyer, VP of Product and Strategy at Hewlett Packard Enterprise and Dominic Schein, Group CIO of Dentsu. You'll also hear from Okta partner, Optiv, with Todd Weber, CTO. Charles Race, Okta's President of Worldwide Field Operations will discuss how Okta's fiscal year 2021 go to market strategy will adapt and drive enduring efficiency. Finally, Bill Losch, our Chief Financial Officer, will share our foundation for long term strength, our addressable market and long term financial model. Thank you for joining us today and I hope to see you all in person soon.
Stay healthy.
Well, good morning, good afternoon, everyone. This is Frederic Kerrest. Thank you very much for joining us today. We're very excited to have you with us. We've got a number of very interesting interviews with both customers and partners today, which hopefully will give you a little bit of depth and shed a little bit of the color on some of the facts and data that we will be giving you.
So we'd like to start this morning with an interview with my good friend, Dom Schein, who is the Group CIO of Dentsu Group. Good morning, Dom. Thanks for joining us. Hey, Freddie. A pleasure to be there virtually.
Let's start by having you provide just a brief overview of Dentsu Group and the Dentsu Aegis Network. Yes, sure.
Happy to. So Dentsu Group is one of the world's largest advertising and marketing services groups, and we have more than 60,000 employees working globally with clients in over 145 countries. We provide a comprehensive range of services to help the world's leading brands with strategy design and transformational execution of creative experience campaigns, digital and traditional advertising, CRM and marketing, and then ultimately commerce and face to face events and experiences. And Dentsu Aegis Network is the international division of Dentsu because Dentsu is headquartered in Japan. Dentsu Aegis has around 2 thirds of the group's revenues, the people and resources.
That's great. So what led you down the path to engage with Okta?
So there's a couple of parts to this story. There's my history with Okta, which is very positive and then the challenges I saw when I joined Dentsu Aegis as CTO 2.5 years ago. I saw 3 problems or opportunities I wanted to solve for our global workforce. 1st, as a big company undergoing rapid growth with a lot of M and A and going through a big transformation to become 1 Dentsu, we needed to simplify user experience with single sign on and single identity and we needed to do that very rapidly. Secondly, we needed a simple way for all our employees to access all the applications and products they needed securely.
Thirdly, we needed to strengthen our identity position for our digital client facing platforms and products. And finally, we needed to rapidly strengthen our security posture. Now, I joined Dentsu from News Corp, where I've been global CIO, looking after technology for 25,000 people, and we rolled out Okta there very successfully and I knew based on the experience of our partnership there that Okta could partner with me on this new journey at Dentsu.
That's great. So as global group CIO, tell me a little bit about Dentsu's technology strategy and the vision that you have for IT.
Yes, sure. So at the start of 2020, I was asked to become CIO for the entire group. And since that point, we should say we've extended Okta to the whole organization. We now have over 60,000 business users and over 1,000 business applications secured by Okta.
There are
a number of pillars to my strategy. Firstly, we want to support growth of revenues and our margin through leading sales forecasting and insights platforms and processes. Secondly, and really importantly, we need to enable our lines of business to deliver market leading technology enabled digital services and products and solutions to clients. We need to really make our entire business more agile, efficient and automated, driving the cost down, driving the efficiency to improve margin. And we need to offer all of our mobile users with best of breed cloud tools that enable collaboration and creativity to allow them to work seamlessly and securely together.
Yes. So how does that's a pretty complex and detailed vision there, which is great. How does identity fit into this strategy and how did you know that Okta was the right solution for you guys?
Yes. So let's touch on a number of things. So if we look at Services Client Solutions, Okta really provides Dentsu with the strategic capabilities to address some pretty complex identity and authorization challenges. We find the tools flexible, friendly to developers, making it easier for us to do rapid development of the controls, the best practices in our platforms and products. We're actually building out a fairly comprehensive portfolio of interconnect digital products on a multi cloud microservices architecture based on Azure, based on AWS, based on Google Cloud.
This ecosystem will allow us to streamline the whole way we run the advertising business and it will also provide a flexible development toolkit, a reasonable code library and a comprehensive API framework. And really at the heart of that, we needed a solution that was open vendor agnostic, cloud first, scalable to make sure that the identity and security aspects were really thought of fundamentally. Okta was really the only option that allowed us to do that. If I move on to the desire to make our business more agile, efficient and automated. There are lots of examples here where Okta is helping us tune the whole way we run the business.
For our 60,000 people, we now use Okta very effectively Workday. Workday is where we update the master information for all our people. And then we've automated with Okta the provisioning of applications to people as they start their career at Gensu. We then enhance those applications as they progress their career. And importantly, once they leave the organization, we make sure we remove access.
In more complex use cases, we need the adaptive MFA capabilities that Okta provides. And the great thing about that is we're able to do that in a really easy to use fashion that allows us to do pretty sophisticated and complex security controls. And importantly now increasingly it's not just our business users, with those digital platforms and products we have large amounts of client usage of our digital platforms and products, and we're applying the same federated security capabilities to that challenge to allow us to manage our customers' security profiles on the platforms as well.
That's great. Well, I am very excited to hear that we are able to help you not only with your traditional workforce identity and access management vision, but also some of those opportunities that you have with customer identity and access management and really how you are transforming those client solutions and those digital services that you're providing to your customers. Obviously, underpinning all that is security, which is paramount these days. And as organizations like Europe shift security strategies to better support employees working from anywhere, like you said, the concept of 0 trust and a 0 trust security model has increasingly become a very hot topic. Can you tell me a little bit about Dentsu's Zero Trust strategy?
Where are you on that journey? And how does Okta play a role in securing your people?
Well, look at where we are right now. The 0 Trust topic has now become front and center with COVID. So obviously, employees need to be able to work from anywhere. We now have literally our entire organization working from home and like many organizations, and because of that, the traditional perimeter based approach to security has completely dissolved. Identity really is the way to have a new perimeter, and Okta is really at the foundation of our ability to do that.
So applying Okta using policy based multi factor authentication makes that possible. We've also made big steps towards those 0 trust models with our application platforms. There's still a lot of way to go. But again, we can combine the multi factor authentication, the universal directory and also the ability to use Okta to authorize transactions at the API level. That really gives us a powerful way of enabling that way of working.
So just digging into that API management framework a little bit more, this has allowed us to anchor an identity centric framework for our media ecosystem. So this platform, which is used by hundreds of clients and thousands of their users, all have different permissions, they need different attributes, and we use Okta in combination with that platform to make that possible. And finally, one of the key principles of our strategy is accepting and understanding that particularly in this way of working, we'll have many, many attacks on our organization. So it's really important we focus on detecting and responding to these attacks. So to bring that to life, we ingest over 14,000,000 suspicious events from Okta every month into our SIEM and we can use that data, that telemetry to quickly identify and respond to suspicious activity.
Wow, that's awesome. I'm glad to hear that. Well, you mentioned that you first partnered with Okta as a customer at News Corp. I know that we've been very fortunate to build our partnership over the years now at both organizations. And one of our core corporate values is around customer success and around ensuring that customers are happy and successful with the service, the platform, the product, the company and the partnership we built.
What role does Okta's customer first organization play in helping you get the most out of your Okta deployment?
Yes, absolutely. This is vital for us. In any technology partnership, you need great products and then you need amazing service with the right attitude. And that's what we get from Okta customer first. So when we purchased Okta Dentsu from day 1, we were working with Okta's Customer First team as a true partner who helped us understand the product capabilities, they look at our challenges and needs, and then we work out a plan together.
We had quite basic initial goals, but the customer first team really helped us to understand greater opportunities that then led us to actually use Okta in a more sophisticated way much more rapidly. And as we continue to grow our ambition, both for our overall technology strategy, but the way we can use Okta to support it, we found that the customer first team with their product expertise and their ability to lean in and their positive and imaginative work attitude, we're able to make really great progress together.
That's great. Well, thank you for the kind comments. I will certainly relay them to the team. They'll be happy to hear about that. So final question, wrapping up, how do you think about the future of identity for Dentsu?
And what are some of the things that you're excited about in your strategy and vision going forward?
Yes, I think it's building on everything I've said, our strategy is to expand the use of Okta to more and more adaptive identity centric applications in our portfolio, more and more legacy applications, more and more new client facing digital products and platforms, which means we get more and more benefit and when we use it. Again, as we see the impact of COVID, my bet is that the entire way that the planet works has fundamentally changed perhaps for the long term. Traditional employment norms, organizational parameters and working patterns have been shattered. I think this will be true for Dentsu and many, many other organizations. Okta's ability to enable that more fluid, flexible, anytime, anywhere, anyone working model and to put identity at the heart of enabling this new economy is a real fundamental advantage.
So I think I'm very positive about it. And really it's moved a tool like Okta from being a single sign on tool in the perception of senior management to now a tool that is a vital enabling part of our enterprise architecture as we move forward with our digital strategy to support our clients.
That's great. Well, Dom, thank you very much for taking time out of your busy schedule to chat with us today. We greatly appreciate it. Thank you very much to you and to Dansu for being such a great partner and customer of ours over the years. We really appreciate that as well.
And with that, I'd like to turn it over to Dia, who's going to talk to us a little more about product strategy and platform and where we're going with our vision. Thank you.
Thanks, Freddie. That was a great conversation with Dentsu. Thanks so much for joining us today. I wanted to walk you through what our product strategy is over the next 24 to 36 months. Our vision is to enable any organization to use any technology.
If you look at the vast majority of technology that you use today in your work or personal lives, it has one constant, your identity. This trend started with cloud and mobile and accelerated even further into this AI powered, highly personalized digital world. This is why we believe that identity is the key to achieving our vision. But there's something else. If you want to address the entire breadth of identity use cases across all these different technologies and experiences for a landscape that is continuously changing, it's impossible to do that as one off products.
You can only do that through a platform. There are 3 core characteristics that an identity platform must have. 1st, at its core, we built the Okta Identity Cloud to be open and extensible. This means it can plug into any technology and any technology can plug into it as needed. This makes it possible for us to work across operating systems, across clouds, across devices and across other platforms, effectively connecting with everything.
2nd, it serves the needs of every type of user that depends on identity. Whether it's IT admins, DevOps teams, CISOs, development teams leading their business through digital transformation or external third party developers who want to develop on top of Okta. And lastly, it must be secure and private. Continuously evaluating a user's security posture and determining what that user can or cannot do in an application. At the same time, it must have the ability to optimize a user's data collection and enable the management of privacy and consent.
These are the three characteristics that we built the Okta Identity Cloud on and it is what differentiates our view of an identity platform. To deliver on the promise of what an identity platform needs to be, we built the Okta Identity Cloud to be truly modularized and service oriented with what we are calling Okta Platform Services. These platform services are extremely powerful because they can be adapted to meet a variety of different use cases and allows us to meet the promise of what a true identity platform should be. More so than any other year, this is the year of platform at Okta. Supercharging our platform gives us even more breadth to solve the constantly growing challenges for enterprises in the $30,000,000,000 workforce and $25,000,000,000 customer identity market.
When you think about the most pressing problems enterprises are facing today, they are as follows. CIOs and IT organizations today are struggling to modernize IT in the face of increasing organizational complexity. CTOs, CMOs and product leaders are struggling to deliver a seamless and secure customer experience while innovating freely. And CISOs are struggling to adopt a 0 cross approach to security across both customer and workforce identity. So let's start with how we're helping CIOs modernize IT.
It is virtually impossible to talk to an IT team about modernization without discussing complexity. Let's think of a multinational bank with multiple products like checking and savings accounts, credit cards and mortgages and loans and more. They have tens of thousands of employees that work in their headquarters and across various branches, yet thousands of contractors and suppliers. These contractor and supplier relationships are dynamic and they change over time. All these people need access to the bank's resources to get their work done.
At the same time, the bank's organizational boundaries are dynamic. They are acquiring new lines of businesses and divesting non performing businesses. To complicate matters, each of these different business units have different tech stacks. And all of these business units and teams demand the same freedom and flexibility to manage their own users, their own apps and their own business processes. But at the end of the day, it is 1 bank and 1 IT organization.
For the bank's customer identity backend, the complexity is no less. They sell their products to their customers via their retail locations and through their digital webinar. They also have a network of thousands of brokers that sell their products. These brokers need access to the bank's resources to get their job done, but data must be segmented appropriately across these brokers. These brokers have their own employees and business processes.
So they are looking for the same freedom and flexibility in managing their organizations as the bank's business units and teams. Adding to this complexity is the fact that each of their customer facing digital experiences use a different tech stack. Different products and different brands need different tool sets to deliver on their promise to their customers. These products cross state and country lines, and so they have different data residency and other laws governing them. At the end of the day, it is the IT team that is managing identities for all of CIOs and IT teams, not just in banks, but across every industry are struggling to make sense of and manage all this complexity.
But what stands out in the midst of all this complexity and sprawl is that identity is a natural control point across both customer and workforce identity use cases. And our platform approach presents a unique opportunity to holistically solve many of these use cases for our customers. So let's see how. Today, we introduced Workflows, a new identity centric, no code automation platform service. We also introduced how workflows would enable our advanced lifecycle management product to allow enterprises to automate much more complex provisioning use cases than before, and all with no code.
This will allow us to deepen adoption across our existing customer base, while at the same time attracting new enterprises to our platform. But this is just the start. If you think about the bank, they need to manage the entire identity lifecycle for their employees, contractors and partners, not just provisioning and deprovisioning. What do I mean? Take for example an engineering partner or contractor that has been hired to work in a new mobile banking app with our multinational bank.
The contractor's life cycle looks completely different from a full time employees. They don't live in an HR system. Often IT doesn't know who they are and they come in and go based on projects. Yet, they should be able to register for an account, be granted access through roles like contractor and mobile app project. The contractor role should be defined by IT and carries strict sign on policies and provisions.
The mobile app project usually defined by the bank's digital team and includes the right level of granular entitlements within GitHub, AWS and Slack. If the contractor gets hired full time, their record should be automatically updated as should their role, access policies and entitlements. Today, companies solve these scenarios with a combination of manual processes and custom built solutions costing them 1,000,000 of dollars. We know that by bringing together our workflows, directories and integration platforms, we can provide a much more comprehensive solution for our customers. Our integration platform already has deep integrations with all of the leading HR systems.
We will layer our workflows platform on top of these pre existing integrations and build rich no code connectors to all these HR systems. So now organizations will have the power to deeply customize how identity data and business processes flows into Okta, not just out of Okta. We've also always talked about how our Directories platform acts as a system of record for our customers, for their users and their apps. Going forward, we will significantly enhance our Directories platform service. In addition to users and apps, we want to be able to model and store devices these users use, both managed and unmanaged.
Granular, flexible and customizable roles organizational units and hierarchies and granular customizable life cycle states of users. We will build a graph of all the resources in an organization, not just apps,
and we will build
a graph of the entitlements across those resources. We will do this not just for an organization's employees, but contractors, partners, suppliers and even their customers. This will allow organizations to trigger automated actions based on these life cycle states, these rules, organizational units and hierarchies, and they will be able to do all this using clicks, not code with workflows. This is extremely important, especially if our customers have a large network of contractors, suppliers and partners that are more dynamic and need different permissions and policies in different lifecycle states. Imagine the different policies that the bank would signed to its engineering contractor versus contractors that help them service their ATM machines.
Now in keeping true to our platform approach, we will build each of these pieces to be open, flexible and extensible. So if our customers or partners want to use all these granular and detailed elements in our Directories platform, to be able to build their own custom automation, custom apps, customer reporting or other use cases, they will be easily able to build on top of our platform to do so. While we were talking about applications just now, everything I talked about benefits other resources as well, servers, VMs, containers, databases, etcetera. Advanced server access was built to solve the challenges that modern DevOps space in securing servers as they move to the cloud by providing identity centric access, just like Okta did for cloud apps. And businesses like Personal Clapton, Mailchimp and Workiva are all finding success using it since we introduced it a year ago.
By combining the identity centric access technology of the ASA with the new advancement in directories, we can extend ASA to support deeper authorization. And it can also become the access layer for more than just servers and VMs, whether it's cloud databases, ephemeral containers, serverless and more. In addition to helping customers manage identity lifecycle across their various resources, we also want to provide the tools that allow organizations to easily manage the identity sprawl they have to deal with. Going back to our multinational bank, they need to support data segmentation across brokers and they need to support data residency restrictions across geographies. So they have thousands of Okta tenants.
To drastically simplify managing Okta across these thousands of tenants, we're making significant investments in our public APIs across our entire platform. This will allow developers to automate complex configurations and access aggregated reporting without entering the Okta console. This complete programmatic control over configuration of Okta is incredibly powerful for IT automation. Now the bank's IT team can finally add DocuSign for their brokers and apply appropriate policies that go along with it across thousands of brokers at once automatically. Managing away and abstracting complexity for the modern enterprise is how we can and do help many, many CIOs.
But as we discussed in the beginning, a true identity platform serves multiple use cases for multiple types of users. For CTOs, CMOs and product leaders using our platform for customer identity, we want to make sure they are able to deliver a secure and seamless customer experience. Customer identity is a $25,000,000,000 market. Part of what makes that number so big is the expansive role identity can play in a customer's journey. Our platform approach positions us to not only solve access problems, but many other identity challenges along the user's digital journey with an organization.
This allows us to address the customer identity challenges of more and more organizations. Now what CTOs and product leaders really want to do is innovate. They want to solve problems for their customers. That means being free to approach those unique differentiators and features, the things that will truly define their success without spending their valuable resources on their identity experiences. So how do we help them do this?
Think of the Chief Technology Officer at a major airline. Their business is flying, not writing code, so we know they're handling scarce development resources. But at the same time, their digital experience is their customers' first touch point with them. So it is extremely important for their business and customers demand engaging, customized and personalized experiences. Okta can truly become the backbone of each traveler's customer journey and here's why.
We introduced new pieces of the Okta Identity Engine this morning. It enables us to offer a secure customized access experience, creating a platform service that's accessible via APIs and SDKs, while still offering customers the ability to customize extensively out of the box. The Okta Identity Engine gives us the reach and scale to address the authentication needs of any organization and any developer, regardless of how custom and unique the customer experience they're trying to build is. For our airline, Think of being able to easily provide option MFA for those flyers who want more robust security and transactional MFA for something like a purchase or saving credit card information and lots more. While Okta Identity Engine is a big leap forward, it is just the first step.
Let's talk about how. Think about the marketing team of the airline. They know that in order to be top of mind with customers, they need to be able to provide a consistent and coherent brand story and presence for customers throughout their journey. Developers today spend a lot of time doing just that, ensuring consistency in branding and look and feel across an entire user journey. On top of all of this, they have to also deal with localization of all these experiences.
Apps and multiple touch points in a traveler's journey like registration, authentication, consent, recovery, access and profile management experience. But it shouldn't be that hard. Using the Okta Identity Engine, the workflows platform service and new investments in customization capabilities, we can provide a much more automated and comprehensive customization solution for developers and marketers. We will allow the airline to define brand themes and customization themes that they can instantaneously apply across every traveler touchpoint in the identity stack, whether that is a registration page, a login page or any other piece of the user's identity journey. Using our no core workflows platform service will take things further.
We will enable marketing teams to build integrations into their market stack. This will enable them to automate propagation of brand assets and customization teams down to every end user touchpoint every time the marketing team updates these assets or themes. Developers wouldn't even need to be involved. Imagine never having to write code to bring that airline's brand to their customer identity experience. And we can do this for all our customers.
While end users love having a personalized experience with the airline, they also need to be able to trust it. Today, every organization needs to assure its users that it is appropriately managing their data and privacy. Building and managing for these user expectations and ever changing regulatory requirements presents a difficult and time consuming undertaking, especially for a large airline with a global customer base. Identity and Okta can be the key to solving these problems. We plan to build end user consent forms, user journeys that are customizable based on consent status, consent tracking dashboards and consent versioning and management.
We will also leverage our integration integration platform and the Okta integration network to provide deep pre built integrations with companies in the space like Air Grail and OneTrust. All of this integrated into our workflows platform service will allow organizations to build end to end privacy and identity centric workflows. So now if our airline wants to ask for passport information through their app, they can have the appropriate set forms, the appropriate integrations to manage data deletion and retention. And all of this can be built using Okta without needing to cover together multiple systems. Okta will play an even bigger role in helping organizations bring their customer identity, not just to their digital experience, but into other parts of their tech stack that run the rest of their businesses.
For example, for an airline customer, there are security integrations to prevent fraud, integrations into logistics planning tech stacks, so if a bag gets lost, they know how to find the owner. Integration into customer support tech stacks that need to know who that stranded traveler is before they get on the phone. How will we do this? The Okta integration network enables deep integrations to the various parts of any organization's tech stack to make identity core to each of these services. With workflows, these various integrations will allow different teams within an organization to automate different customer related business processes without a line of code.
All of this together will allow organizations that use Okta for their customer identity to deliver truly seamless customer experiences across the customer's entire journey. And it is identity and Okta that will be central to how they drive customer value. Innovating quickly and freely building products used to be the kind of thing that was at the detriment of security. But by building an extensible, integrated and open identity platform, end to end security becomes a reality. Imagine a CISO at a national insurance company with tens of thousands of employees, thousands of pharmacies and millions of customers across this network.
They have one of the most challenging roles in the company. They're constantly working to keep their workforce of insurance professionals, customers and pharmacists secure in today's continuously evolving threat landscape, dealing with some of the most sensitive information out there. Now what makes their job even more challenging is that the security vendor landscape is extremely fragmented. There is no one vendor that provides an end to end solution. So they're left to cobble together their own solutions and they have to use multiple different systems to even be able to get a full picture of the organization's security posture.
And when remediation needs to occur, it's even more challenging. They're inundated with multiple alerts from multiple systems. Our insurance customer is in a highly regulated industry. Not only do their employees deal with highly sensitive customer information, but so do their network of pharmacists and customer service contractors. Streamlining and providing end to end security for these constituents can mean the difference between a catastrophic data breach or business as usual.
And this threat doesn't just exist within their workforce. Their customer base too is susceptible to account takeover and fraud. This is true not just for insurance companies. Every CISO is battling today's constantly evolving threat landscape. In a 0 trust world, identity plays a unique role.
It is a unique fabric that can be used to create an end to end security solution for every enterprise regardless of industry. So how do we deliver on this future security state of end to end security? This process is well underway. This morning, we launched our devices platform. The devices platform allows us to understand the endpoint the user is authenticating from much more deeply.
We can bind devices to users to provide a greater level of security. It's a core component of leading features like FastPass, but it can do so much more. It also allows us to understand the security posture of a device, whether managed or unmanaged. So now if you see a pharmacist accessing customer information from an unknown device, we can do a step up authentication. Or if a customer tries to access their account from a jailbroken device, we can deny authentication.
But delivering end to end security requires even more. It requires us to provide security not just at authentication, but continuously across the entire session. And to do so, we must be able to better assess risk throughout the entire session and take action against that risk. To better assess risk, we will be enhancing both our devices platform and our insights platform to be able to ingest signals from multiple vendors like EDR and MDM vendors, CASPs as well as apps that track risk based on user behavior, for example, G Suite. We will combine the signals from these external sources with the device signals we collect and the system level signals across Okta's entire network.
So now our risk engine can better understand and analyze risk signals, creating dynamic risk profiles of every user that get updated continuously, not just at the time of authentication. Now for our insurance customer, we will be able to have a much higher efficacy in detecting if a claim worker's account has been compromised. But understanding an individual's risk profile is only half of what is required to deliver continuous authentication. We also need to be able to take action against that risk. Our platform, coupled with the Okta integration network, enables us to limit in app actions through deeper integrations with applications, work with a whole ecosystem of security tools, including CASB to cut off blanket access should the situation go for Use Okta access gateway to cut off access to legacy applications.
This means we can cut off access to sensitive data or terminate access to an app or even terminate the entire session if the security posture changes for the user, the device, or the network. This is extremely powerful. And for our insurance customer, this could prevent potential data breaches and the loss of patient records. Finally, we plan to build security related connectors and flows using our workflows platform so that we can make it easier for our customers to automate the actions taken across all of their apps and across the security tools in their stack. So now we can help them deliver security orchestration and remediation functionalities, all without code.
If their security team relies on functionality like PagerDuty and ServiceNow for operational management, Okta will enable them to automate alerts based on downstream risk signals. So as I just showed you, our platform service advancements in devices, integrations, insights and workflows will collectively pave the way for a truly end to end security solution for both our customer identity and workforce use cases. Every CISO, regardless of industry, can get on board with that. To end, I hope I've shown you how we are building the Okta Identity Cloud as a platform to meet these broad market trends for CIOs, CTOs and CISOs. But beyond that, there are 3 key reasons why our platform approach is so differentiated and positions us so well for the future.
The first is that by building the Okta Identity Cloud as a platform, we enable our product teams to address new use cases faster. Delivering a flexible and customizable platform makes Okta the ideal partner to tackle the core of new use cases that identity has become central to. The second is that our platform approach also enables us to innovate far faster than our competition. All of our technology is built to interplay across products rather than explicitly for a single purpose. Lastly, our platform is designed to enable innovation and accessibility beyond Okta.
Public APIs and SDKs make these core technologies available to a broad audience of customers and partners to develop on and with. Simply put, at Okta, we are building the identity tools and not just Okta products, but the entire industry can standardize on. The network effects we are creating is incredibly powerful in terms of our product innovation and our ecosystem future. And it is our platform approach that gives us the power to truly meet this massive opportunity and vision. Thank you for your time.
And now I'll turn it back over to Freddie again for a conversation with Hewlett Packard Enterprise.
Well, thank you very much, Dia. Now I'd like to introduce Satish Iyer, the Vice President of Product and Strategy for Hewlett Packard Enterprise. Satish, thank you very much for joining us today.
Thank you, Freddie. Nice to be here.
Now I guarantee that everyone listening here has heard of HPE, but can you share a little more about the company? What are your primary areas of responsibility?
Yes, sure. So HPE's genesis was around November 2015 after the separation from Hewlett Packard or HP. Today, HPE or Hewlett Packard Enterprise is a global HD Cloud Platform as a Service company that helps our customers in terms of accelerating their outcomes by specifically focused on unlocking value from their data. So we are a platform as a service company and our my focus specifically within HPE is I'm a VP Vice President of Products in HPE GreenLake, which is a premium massive service offering we have in HPE. And specific focus on HPE GreenLake has been to drive the hybrid cloud experience for our customers.
So HPE has gone through a lot of changes over the past couple of years. How is HPE GreenLake changing its business model to create better business outcomes and reduce friction for its customers?
Yes. So like you said, Preeti, I mean, yes, we are going through a lot of changes. We our CEO had announced last year that we will offer every product portfolio we have with an enhanced service option if a customer desires. So that's a big transition on a big change for a company which is primarily known for very as an infrastructure provider, right? So we HP announced GreenLake a few years ago to fundamentally support the change by with our customers who consume IT.
We see our customers consuming IT pretty differently. I mean, a lot of them going to public cloud. They've got their experience, but they also want the security and the scalability of having things on prem. So GreenLake kind of helps our customers to consume this IT as a service as it delivers this on demand capacity and planning and it combines it with agility and economics of public cloud. So that's kind of been our focus and that's kind of where we're trying to reduce the friction of the customer.
We're trying to bring that experience for customer likes, so much likes about the public cloud into an on prem model.
That's great. Did you consider building identity right into HPE Services yourself? What led to the decision to bring in Okta versus dedicating an internal development team to Identity?
Yes. I mean, that's a good question because like every software company, we do think that we can pretty much build anything, right? But I think at some point, I think the decision was very simple in terms of is it core or is it contextual to what we do, right? So identity is a key backbone in terms of the various service offerings we have, but this is not also the way by which we want to we make money on. So it's kind of important to recognize that.
And I think we so our transition also needs to happen pretty quickly, right? So we understand that this is the contextual discussion, but we also need to make sure that we don't want to expose our customers to any risk. So we kind of ultimately decided, we looked at some open source options, but we ultimately decided to work with Okta because Okta is made for the cloud, you are born in the cloud and you are fundamental to our SaaS strategy. I mean, we it's important for us to be able to have a industry standards, which allows us to federate across a multitude of our customers, whether it's customers' identity systems or HPE is their own identity system or a bunch of SaaS partners or hyperscalers, right? So we are looking at an ecosystem.
When you talk about hybrid cloud, you look at an ecosystem which is really, really complex. And each of them have their own identity and access methodologies. So we kind of needed somebody who can a very trusted partner with us who can actually take that entire heavy lifting and take care of the identity for us. And I think kind of it's important for us to actually make sure that somebody who is born and used to the cloud environment to be able to do that.
Yes. And Satish, I know that you have obviously broad connections throughout the value of the technology landscape. So you have your pulse on a lot of what's going on. Can you tell me how was HPE introduced to Okta when we got started with the relationship?
Yes. I mean, it's funny because I actually know a lot of my ex colleagues and friends who actually end up working with Okta. But the way we got connected is very it's like any classic way, right? Engineering had a problem. They needed to solve the identity issue because we were planning to build a platform to host and manage all these services for our customers.
And I think engineering team was pretty familiar with Okta because they've been looking at few other vendors and like I said, open source and other things as well. I think once we kind of narrowed down what our core business strategy is in terms of how we want to drive this forward, I think your account teams are already engaged with the engineering teams and they were pretty good at laser focused in terms of saying, okay, you know what, I know who makes the decisions here, right? So it's so they have done a good job of kind of pivoting and working with us. So but the relationship existed before, I think when the engineering teams are already evaluating. But I think your account teams and your sales teams are pretty, I would say, very customer focused and very driven in terms of making sure that we can bootstrap and bring it along pretty quickly.
So obviously, huge transformation you're undergoing at a company like HPE and one that obviously you're driving very important role, very important strategy there. Do you think about the future of identity at HPE? What's next? You've obviously taken these great first steps, but how do you see that progressing now?
Yes. I mean, I think HPE and HPE GreenLake is we are very focused on driving that cloud experience through our platform. I mean, GreenLake Central is our platform. And for us, identity is the key backbone, right, for us to be able to offer this seamless access to a whole range of services for our customers. So when the customers look at this and when they don't know what's happening in the background, but they're able to actually get all the right service experiences, whether they are internal or they are coming from an ecosystem of partners or public cloud providers, then I think we have done our job, right?
So I think to me, identity is definitely a key driver for the experience we want to drive with our customers. And if nothing else, I think we are onboarding more and more services and the platform is getting more and more richer. We're extending it to the edge. So I think it's going to be, like I said, a key element of the entire service experience we are going to aspire to do.
That's great. So what's your perspective for us maybe to wrap it up here on the power and the flexibility of the Okta Identity Cloud and how do you see it benefiting your organization?
Yes, I mean, for us, we have leveraged the power of the identity cloud. I mean, for me, the GreenLake is our everything as a service platform. So the identity cloud specifically has allowed us to support basically a lot of customers' SSO requirements. And we see a whole bunch of enterprises and every one of them have their own set of capabilities and needs. And I think for us, it's having supporting any customers as no requirement to some specific enterprise federation from SAML to YDC to Active Directory Sains.
I think they are pretty key. And another aspect which we always like and we will be doing more of, there is a good set of APIs and SDKs available to Okta, but we also like the fact of having more automation built in in the portfolio because a lot of times when we actually manage these hybrid environments for us having the global reach of the Okta products in the cloud portfolio with the right set of automation building is going to be key for our success as well. So I think those are the specific things my team is looking at and I think they'll be working much more closely with the Okta team on taking some of that to the market.
Well, with that, Satish, I'd really like to thank you very much for taking time out of your busy schedule to chat with us today. I think that was very interesting and probably very informative for a lot of our audience here. Thank you very much for your partnership and for being a customer. We really appreciate it, and we're very excited about the journey ahead.
Thank you, Freddie. Thanks very much.
And with that, I'd like to pass it back over to Charles. Charles?
Thanks, Freddie. Hello, everyone. Great to
be talking to you all again, albeit within this new virtual format. In 2018, I spoke with you about Okta's potential at that time. None of those things have changed, and the outcomes since then have only served to reinforce my viewpoint of the opportunity ahead. Particularly, the 3 secular trends around the move to the cloud, security and digital transformation remain as strong as ever today and will be that way well into the future. Okta's role in unlocking technological potential through identity for organizations has only grown, and our long term vision continues to serve as our North Star.
The financial numbers reiterate our belief in the opportunity, and whilst there are short term circumstances that we are adapting to, our future is bright and only getting brighter. I've been extremely lucky to watch Okta go from about $160,000,000 of revenue in FY 'seventeen to nearly $600,000,000 in FY 'twenty, and now we're well on our way to over $1,000,000,000 in just the next couple of years. So great growth so far, but there is no room for complacency. So let's talk about the current go to market focus areas to continue that acceleration of growth. Our strategy for FY 'twenty one is built around 4 key growth pillars, underpinned with maniacal focus on execution
and aligned, as always, to the
success of our customers. Specifically, we want to ensure we also take advantage of the identity platform innovations that Todd and Bir have already discussed. That ability to flexibly meet the needs of our global customers today across a broad set of use cases in an increasingly efficient way positions us well for the future. Obviously, we are living in unprecedented times. And whilst this strategy is relevant for both our short term delivery and longer term goals, there is a need to be particularly agile right now, and I'll be talking to some of those areas later on in this presentation.
So let me take you through each of the components of the strategy in turn. The first pillar is around driving new logo acquisitions, specifically through an increased entry point via our customer identity offering, which has seen considerable pull from customers and prospects across all industries as those organizations undergo various evolutions themselves and look to new digital ways to grow their businesses. Particularly in FY 2020, we had incredible success selling customer identity into some great new logos that you can see on the screen. This was consistent across multiple verticals and with very repeatable use cases, which is unique in that it opens the door for a variety of new ways to sell big deals. Part of that means the opportunity to sell within large organizations to new personas that we haven't previously engaged, including CTOs and Heads of Engineering.
And these new targets may be tasked with their own digital transformation initiatives where security is a big concern for their customers. Additionally, companies are embarking on a partner or even B2B focused portal that's integral to their business success. And similarly, smaller organizations with respect to employee size, who have huge customer bases, are actually starting their Okta journey with customer identity to secure those individuals. These strong factors, combined with looming compliance concerns, have made customer identity an area of exceptional growth for us, and one that presents the opportunity to not only sell to existing customers, but intact an entirely new area of logo acquisition. And our ability to make gains here really showcases the agility of our organization, recognizing new opportunity and taking advantage of it.
The 2nd pillar ensures we also create a customer journey that provides for both landing into new customers as well as expanding across them with new use cases. This process of gaining a foothold and then deepening our relationship is predicated on more than just having products that meet the market needs. After all, these are massive organizations with significant resources, So we're not really comparing single sign on capabilities when it comes to winning the world's largest companies. They want an entirely different kind of commitment over their technology vendors, and it's something Okta is uniquely positioned to provide through our independent, neutral, identity platform. That flexibility, both in terms of our technology innovation and our approach as a field organization, position us well solve immediate pain and stay for the long haul.
Our customers are quickly realizing that it's our ability to be their trusted partner across all kinds of problems that enables us to make meaningful difference to them. And all of that is possible through something we call Okta Trust. So what is it? OktaTrust is about the fundamental commitment we make and maintain with our customers, and it's comprised of 3 main components. Organizations today understand they need the identities of their workforce and their customer base to be secure, accessible and available.
Our scale is unmatched when it comes to meeting the global needs of our customers, and we continue to invest in growing it along with our platform capabilities. Our mentality of always on gives us reliability that is one of the best in the industry, and it's clear that Okta is a technology partner you can count on when you need it. In recent weeks, this reliability has really shown itself in how our customers are adapting to evolving working arrangements that demand access from anywhere.
And
our record on security makes it abundantly clear to our customers that they can trust us with their most valuable information. And it's this ability to deliver on these three key elements that makes the foundation of Okta Trust. And it's led to more organizations giving us the opportunity to work with them and ultimately to provide them with more products and solutions. Great examples of this expansion opportunity is both Okta Access Gateway and Okta Advanced Server Access, the newly released products from last year that have been extremely well received as now critical infrastructure by some of the largest companies in the world into new use cases for them. By landing with Okta Trust and then expanding into these organizations, we are able to become more than just solutions for accessing cloud software, but become the partners that enable them to adopt any technology quickly and securely.
And the proof behind our approach of trust based selling is in the progress we've made with the world's largest organizations, where we have over 20% penetration now. To add some color to that focus and growth that's illustrative of our land and expand approach, I'd like to provide you a couple of examples. The first is a Global 2,000 health care services company with approximately 50,000 employees in 46 countries. To date, this company has a lifetime spend of $4,700,000 with us. We initially landed with a customer identity to help the company create a secure customer interface for 1 unit within the business, resulting in a $600,000 transaction.
6 months later, the entire company adopted one of the workforce products, committing another $600,000 and we have continued to engage and build trust with them. They viewed us as a partner and advisor, helping them navigate how investors ensure a secure and easy to use access for their workforce and their customers. There were additional use cases and user expansions in this relationship, including adding employees from a company they purchased onto our Workforce products in a very streamlined manner. And a little more than a year after the initial workforce module representing a further commitment of $2,700,000 And we believe there are still many more opportunities to expand with this company going forward as they have additional business units that are customer facing that could benefit from our solutions as exemplified by our unit that committed to spend another $450,000 just last year. The second customer example is a global consulting company with over 25,000 employees.
In total, this company has committed to spend over $7,500,000 with us all in the span of 3 years. This customer had a few different legacy workforce identity offerings in place, but wanted to standardize the entire company on a single identity provider. They chose Okta because of our breadth of capabilities and our industry leading position, resulting in a large initial land of over $4,000,000 In parallel to this effort was a digital transformation initiative where the company wanted to provide a unified access experience for all of their clients. Similar to the workforce side, they had pieces of technology from various providers, but quickly realized they needed a unified identity layer that could scale within their business. This company chose Okta because of the proven reliability, scalability and market leadership we have in this space.
And this led to a customer identity upsell of $900,000 just 1 quarter later after the initial large land. There were 2 further products and user expansions that followed, totaling $2,600,000 And we believe there are still opportunities to further grow with this customer with new existing products going forward. And it's this land and expand approach that yields long term results for our organization's growth, but is made possible through our agile innovation and broad applicability. In order to continue to efficiently grow, however, we must add pipeline in a cost effective way. And so on to the 3rd pillar of our strategy, which addresses how we continue to drive more pipeline without spending linearly more money.
By helping our partners build their identity businesses, we have already created efficiency and increased demand generation by dividing and conquering together. We're continuing to add to the growing list of sales and presales accredited partner resources and Okta certified consultants to create pipe and deal flow that we ourselves are not touching until far later down the funnel. And ultimately, this is driving far more volume throughout the sales cycle, and it's happening across the board from a geographic standpoint and throughout our ecosystem from a technology standpoint. Over the past 18 months, we've overhauled our partner ecosystem, and the result is broader reach and greater contributions. Our partners were involved in over 60% of our business in Q4, which is up over 60% year over year.
I want to point out here that not all of our transactions that our partners are involved with are invoiced by the channel partners, and Bill will provide an update on what that split looks like in his presentation. And our strategic partner ecosystem is expanding, especially internationally, and we now have over 1,000 channel partners operating in 44 countries. This expansion gives us incredible reach, and it means that while Okta is making strategic investments across the globe for our long term growth, we're being bolstered by our partners operating in all of those places and then some, which is a great segue into the 4th pillar and priority for us this year, our long term international expansion. In FY 2020, we opened up or expanded offices in Munich, Paris and Amsterdam to fuel our European growth, and our partner channels are getting us access across all of the Asian markets. International expansion remains a top long term priority for us as the secular tailwinds I described earlier are global ones and will continue to be well into the future.
In addition, with those office openings, we also made some strategic infrastructure decisions, including opening a new data center in APAC to drive new opportunity. And this is an area we will continue investing in with a strategic focus on markets with significant upside. It is worth mentioning at this point that already today Okta has many customers with global workforces who use the Okta Identity Cloud, including Flex. Flex employs approximately 200,000 people in over 100 factories and offices around the world in 30 countries. They design, manufacture and distribute products for more than 1,000 customers in 12 industries.
Today, the company continuously adds factories, suppliers and employees to their portfolio in one part of the world or another, whilst at the same time consolidating or redeploying other resources as needed according to the global market and customer needs. Protecting customer data, keeping suppliers in the loop and securing employee access to critical applications all present sizable security and productivity challenges and flex work with Opera to solve them all constantly evolving problems everywhere in the world. We are increasingly becoming more productive when it comes to identifying and selling to global businesses like Flex, and it continues to be an area of priority for us. Underpinning these four pillars of growth is a constant strive for execution excellence. For us, productivity is really focused on making sure our go to market organization is applying our resources in the best way possible, competing and winning in the largest opportunities while still taking advantage of every segment we can reach.
And this includes 5 person companies, up to 1,000,000 people government organizations and everything in between. That means making sure our segmentation, messaging and funnel management is carefully coordinated. And many of you have seen this layout before, but I wanted to bring it up again to convey that this strategy is working, and we continue to invest in the organization, both workforce and customer identity. For larger enterprises, we split accounts into what we call named and enterprise groups, supported by field presales, specialist experts and value engineering. Our commercial business has more telesales and remote sales teams split into corporate and emerging accounts.
And here, for cost reduction, we are leveraging remote presales and return on investment tooling to drive lower cost growth. A balanced pipeline management motion is supported by our demand generation groups across both inside sales and marketing, all messaged appropriate for the segment they support. I also want to take a moment to discuss how our organization is able to maintain productivity even during the current difficult climate. In times of uncertainty, protecting people's identity and their data is as critical as ever, and aligning how we can assist all organizations to work remotely and productively whilst continuing to secure their most important assets is where we are adapting. Specifically, in the short term, we're reorienting all of our resources towards digital spend and virtual environments to drive demand and being a trusted advisor for our
prospects and customers as they navigate what has become a new
normal pursue our FY 2021 strategies even in climates like this pursue our FY 'twenty one strategies even in climates like this one, while still keeping an eye on longer term goals and motions. Avenues like customer identity pose significant upside as companies look for new and innovative ways to quickly pivot their traditional revenue streams. And these can be smaller organizations that embrace virtual sales cycles, while still having massive consumer user bases that can benefit from our technology. Longer term, we are confident our segmentation approach and our demand generation approach will continue to deliver great results and intelligent growth. Once we've successfully sold into these customers, we do want to make sure that they not only keep using Okta and gain significant value from their investments, but are in a position to utilize even more of our services as we expand within their accounts.
So last, but not by any means least, maintaining Okta's core value of customer success is critical to the success across all of the pillars. And that means realizing the potential of the Okta technology they've purchased and taking full advantage of the Okta Identity Cloud. To move customers along that adoption continuum towards upsell opportunities, we've implemented an approach we call learn, deploy, adopt and grow. Learn is the first step, which happens before day 1. Our expert instructors will arm customers with an in-depth product knowledge and show them how to leverage full product functionality.
After that, during deployment, we'll help customers design their architecture, integrate their first applications and go live quickly. And then we move on to adoption, where we look at the products they've purchased, making sure they're maximizing their use of them. And finally, we'll help them grow, identifying different opportunities within their existing environment to expand their architecture and utilize additional features and functions to help them grow their business value. Learn, deploy, adopt and grow is part of a larger point I'm known to frequently make here, which is happy customers buy more software. And our commitment to putting our customers first and helping them gain value via adoption in FY 2021 is part of what will keep retention as high as it has been and pave the way for more opportunities in the future.
So back to the summary of the key strategic pillars. We are confident we have an agile yet deliberate plan to maximize our opportunity whilst keeping our customers my belief that the market continues to move towards us. And while we are currently in a different environment than one we have been in, business is still being conducted and we continue to find opportunities. The problems and challenges modern enterprises face are the exact use cases our identity platform was designed to help solve, and our approach to building that functionality puts us in a position to adapt and grow with the kinds of changes that massive companies and massive user bases are likely to seek in the future. For Okta, it truly is just the beginning.
Thank you. Now we're going to take a quick 15 minute break before we hear from Brenny and our partner, Optiv.
Well, welcome back everybody. I am very excited to be here with Todd Weber, who is the Chief Technology Officer of Optiv. Todd, thank you very much for joining us today. We're thrilled to have you.
Thanks for inviting me. Great to share with everybody and thanks again for giving me the opportunity.
Yes, of course, absolutely. So perhaps start by introducing yourself, telling us a little bit about the identity service practice that you have at Optiv and how we've gotten to know each other.
Sure, sure. Todd Weber, I'm the Chief Technology Officer for Optiv Security. We are a security service integrator that expands the whole concept around cybersecurity, but particularly featured around identity services. We have a large identity services practice that came together as part of Akuvon and Fishnet together into Optiv and that we've continued to invest in and is one of the core featured services practices that we are investing in at the current time and have been for quite some time. And we believe where identity services has become a cure in overall cybersecurity architectures and is one of the key aspects of what we believe we can help our clients develop new and better frameworks around identity.
And as digital transformation and other things are occurring in today's day and age, identity is becoming the core crux of that reference framework.
What have you seen around changing landscape? How has identity from your perspective become a more central piece of security every year as things proceed?
Well, I mean, the landscape is obviously changing in multiple ways and not the least of which is, compromised credentials is probably the number one infiltration method these days, as well as doing especially painful these days is our work from home strategies these days to where the key construct of application access or any access is around who you are, not where you are. And as many companies have started to invest in a lot of network security components, the concept of identity becomes the most important. And as people have moved to cloud infrastructures and infrastructure as a service, what you'll see is that identity becomes a key part of that. And where I see many of our clients need the
most help is on the
concept of identity, especially as it relates to cloud. And then as people through their digital transformation also as well are moving not just their corporate workforce into these constructs, they're moving their clients into these aspects as well. And that even becomes a further integral piece because now you're also trying to match up governance controls along with customer experience, which is, in my mind, even harder challenge to come up with.
Yes. And I'm sure that for you, you've obviously been a long time member of the security and identity industries. You've been doing this for years years, probably pretty cool to see not only workforce, but customer identity and access management becoming a key part of your practice as well over the last few years.
It's becoming larger and larger and it's great to see. I would say it's one of the more unique challenges for me. And I'm not it's almost one of those things I almost feel like I'm not qualified to talk about. I can tell you all the corporate controls you can put on people and because mainly you just don't have a choice, but what fits best cybersecurity profile. But then in the user experience, it's like what can my grandmother do in a hotel with a QR code on her iPhone?
I don't know. Anyway, but that's a challenging piece.
Yes, obviously. Okay, so we're in the midst of a very unique environment obviously today. I think it's something we should talk about briefly. How have your customer conversations changed in the past month or
so? It's really been obviously a challenging time for everybody. And it's basically come in waves and phases. And the first wave was really just how do I get to my workforce to work from home. And give me the most immediate components that I need.
It's how to expand my VPN or how to expand my multifactor. Those have been kind of the initial sets. And then Phase 2 of that is, okay, what do I need to do? I mean, I've taken on more risk. I've done a lot of BYOD.
I'm doing depending a lot on mobile for the workforce now. How have I exposed myself into these things and what do I need to start clamping down on? And we're just starting to get into those phases about what additional risks have been taken on and like how do I handle like home networks and how do I handle like devices that I may not have control over And how does identity fit into that core infrastructure? And how can you use identity? And I'll use you guys specifically and some of the things that we built with integrated solutions to say with those VPN providers.
We had built with you guys some of the integrated components of, say, with Netskope and being able to look at the integrated access components. And then those were unavailable until they downloaded the Netskope client, which we could do through your portal. And then once that refreshed and then it gave them the core set of application suites that they were available to after they add the Netskope client and visibility components of both their SaaS and their internal applications.
That's definitely new and I think on the forefront of this as people are moving from a traditional security perimeter to kind of this 0 trust environment. I'm sure that that's something that you're having more and more conversations about just educating people every day on what that means, right?
Exactly. It's not it doesn't mean the same thing to everybody, but it's more of a mindset than it is a technology set. But in the end, you're trying to move to more negative threat models than positive threat models. And like I mentioned, especially within the IaaS components, you really see people struggling with how to do identity and not just the ones we've talked about with workforce identity and customer identity, but also now the function of all the machine to machine communication going on as well in all your APIs. And APIs are now running the world these days, at least as far as applications go.
And all these need to authenticate and the APIs themselves are at risk. And anyway, you deal with that. And then what we're going to see into that as we evolve into the 0 Trust and some of the things that we've seen the Phase kind of 3 and 4 of this is also going to be, how do we change business process? Because I mean a lot of companies were in the middle of this transformation, some are fitting well, some and I've talked to many of them over the following days and certain things that they've just set themselves up for in corporate governance and audit controls like that even though they have the need and they have money to go spend, they can't do it because they need like wet signatures or they need notarized components, all of which if you're not in the office are very hard to do. And so I see those kinds of trust functions coming into play as well as the technical controls.
Yes, we'll come back to that because I have some questions around trust and around privacy too. But before we move off the technology piece, I mean typical architecture of a large enterprise customer 10 years ago was entirely on premises, nothing in the cloud. That's obviously shifted very, very quickly. Now we're in some hybrid world where as we know enterprise IT doesn't throw anything away. What they like to do is they buy new things, they glue them on the front.
How do
you help your clients manage security considerations in this typical new hybrid architecture for large enterprise customers?
That's a great question. And different companies are in different parts of the journey where I think our situation today will spur a lot more transfers up to public cloud environments and how to use the cloud in a better way, whether or not it's cloud delivered technology solutions or actual applications out of there because what we're going what we're all learning rapidly and we all kind of knew this, we just didn't expect to learn it this well or this hard, I should say, is that the only thing that we have that really can scale up and down into the scale that we're doing, especially moving workforces around is public cloud. And so we have to find different ways to use the public cloud to get to the scale, the achievement of scale. I mean, in going from 100,000 users in an office to 100,000 users at home overnight, it was not something anybody foresaw or not many people foresaw. But that sort of scalability function can only really be achieved as people are moving to the cloud.
And that's part of that digital transformation. But as you say, the interim component will need hybrid. So it needs to work for both the premise and the cloud infrastructures. And that's what the advice we give to clients is find the controls that we you're wanting to do and use for your corporate governance side and your client governance side and how we fit that into cloud structures. And then we kind of work backwards back to the premise side because what we find is that the premise side controls don't fit too well into the cloud, while the cloud ones do fit back into the premise a little bit better.
The governance, some of the new approaches that people have to take to how they're actually going to prosecute business and business process in general. How do you see the role of privacy changing and how is that playing out for your customers today?
It's again a very fascinating question. Most people were just really starting to get involved in the privacy side. Optiv views privacy and data components as almost integral to the aspect of identity structures. And that's why we actually even call our identity practice, it's our identity and data management, because we see those tie ins together so intricately that we can't do one without the other. And privacy is certainly something that many people were like I said, we're in the middle of and between regulatory and what you're trying to give to your customers as a service has been ongoing.
It's been I think that people are putting almost a little bit of a pause on it right now. And I say a pause on it, I just mean that they've just got how am I going to do business today, not necessarily how am I going to continue on with privacy. But where I think it's going to have a huge resurgence as soon as we get through the initial that like I mentioned that Phase 1 as we've what risk did we open ourselves up to? Privacy is going to be one of those ones we have opened ourselves to. And now I'm going to have figure out how to do that.
So if you think of the work from home structures and you think of privacy within HIPAA or privacy within GDPR, how is that going to work with being able to work from home and maybe using BYOD and maybe I had to allow people to download data structures onto their home computers for at least a period of time. Now how am I going to to control that data, find that data, who had access to that data during that time? And that's really going to be a difficult thing and that's where we're trying to prepare for our customers' journey on that.
Yes, that makes a ton of sense. So last question for you here. When you think about Okta specifically the relationship that we've started building over the last few years, what do you think all of these changes mean for our growing and developing relationship? And how do you think about building your practice going forward?
Well, I
mean, the relationship has really grown, especially over the past 2 or 3 years, And we're going to make some pretty large investments into how we deal with Okta and what sorts of capabilities that we're going to build around Okta. That will be not just in our services practice, that will be in our sales my office of the CTO and our marketing components. We see that Okta is going to be a key focus partner for Okta going forward and we plan on building more and more capabilities around Okta and how to feature Okta into our reference architectures as well as into our overall components of how we work with our clients.
That's great. Well, Todd, thanks again for taking time out of your busy schedule to chat with us today. We really appreciate it. Thank you very much for the partnership. It's been a great opportunity to develop that partnership over the last few years.
As you said, I totally agree. I think there's a huge opportunity and the time is ahead for us to work together and do some great things with Oktiv for our joint customers around workforce identity management, customer identity management and infrastructure identity management, which you started highlighting. And I think that when we have this conversation 24 months from now, we'll play an even bigger role. So thanks again for your time and for taking time out of your day to share your thoughts with us. We greatly appreciate it.
Thanks so much, Frederic. I appreciate it.
Great. And with that, I'd like to hand it back over to Bill for a closer look at our financials.
Thanks, everyone, for joining us today. Office grows considerably since the last time we hosted an Investor Day in October 2018. Today, my goal is to provide you with a financial update as well as give you more insights into our strategy and how we intend to continue to sustain that success. Obviously, we're in the midst of an unprecedented market uncertainty. What we do know is that we have built a very strong foundation and Okta has established itself as the market leader.
To date, our growth has been driven by the secular market tailwinds of the rapid growth of cloud and hybrid IT, companies undergoing digital transformation and the adoption of 0 Trust security environments. We believe these trends will not only continue, but could potentially accelerate as a result of the current environment. In my presentation, you will hear 3 key things. 1st, how we have demonstrated a strong track record of execution and built a strong foundation for growth. Since the company was founded 11 years ago, we've established ourselves as the market leader.
We've done so by showing we can execute on our vision of enabling any organization to use any technology and that has manifested itself in strong revenue growth and increasing operating leverage. 2nd, as you heard earlier from Todd, our TAM is $55,000,000,000 and we are just scratching the surface of that TAM. You got a preview of some of what we're doing to capitalize on that TAM from DIA. We talked about how our platform enables us to expand our reach across more use cases and more customers. You also heard from Charles who shared how we go to market to capture that TAM.
I'll go into more detail regarding those growth factors as well in this presentation. And finally, we have built a strong foundation and a durable financial model with what we think are very attractive long term financial characteristics. I'll review key financial profile points and accomplishments in detail later and highlight areas where we've had particular success as well as shared data points that underpin why I'm so optimistic about Okta's long term quality to grow at scale. So jumping right in, we have built a strong foundation for growth. Three things underpin this strong foundation.
First, the subscription model. We've grown quickly and this model allows us to maintain a stable base of recurring revenue on which to grow. 2nd, we have multiple vectors for further expansion, which includes benefiting from the powerful network effects we have built over the last 11 years. And finally, operating leverage. We have demonstrated very strong growth and significant operating leverage as our model generates very impressive incremental margins.
Here are just some of the proof points of the strong foundation that we have built. We achieved a 54% revenue CAGR from fiscal year 'seventeen to fiscal year 'twenty with gross margins up almost 1,000 basis points from fiscal year 'seventeen to 77% in fiscal year 'twenty. Our free cash flow margin is up almost 4,000 basis points during this period to 6%. And in fiscal year 'twenty, we also achieved 66 percent growth in total RPO and 119% net retention rate. That's a solid foundation on which to grow.
As we look at fiscal year 2021 and beyond, let me now walk you through how we think about our business in more detail. First though, let me start off by saying that as you saw earlier this morning in our press release, based on what we know today, we are reaffirming our fiscal Q1 total revenue guidance of $171,000,000 to $173,000,000 and full year 2021 revenue guidance of $770,000,000 to $780,000,000 On the profitability side, we are updating our outlook for operating loss to $23,200,000 to $22,200,000 in Q1 and $49,000,000 to $42,000,000 for fiscal 'twenty one, an improvement from loss of $33,200,000 to $32,200,000 in Q1 $65,000,000 to $57,000,000 for the full fiscal year 'twenty one. Also we continue to expect to be free cash flow positive for the full fiscal year 'twenty one. We are a SaaS based business and it is important to note that we have a strong base of business that is already contracted that we will recognize as revenue. That said, we believe there may still be some impact from COVID-nineteen that likely impacts our business and I'll go over some of the puts and takes with regards to the potential impact on our current guidance.
As we said before, when managing the business, we look to balance growth and profitability while optimizing for growth. In the current environment, growth will likely be impacted by longer sales cycles for enterprise companies as they adjust to the current environment. This could in turn result in delay in deals closing creating some near term headwinds, RPO and billings growth. We also see risks associated with highly impacted small and medium sized businesses. However, we are seeing some new interest from companies driven by their need for the rapid deployment of remote access capabilities in the rapidly changing work environment.
On the profitability front, the current environment will likely result in reduced spend on sales and marketing which includes a reduction in T and A as well as a move to virtual advance. We will also see lower than expected employee related costs across the company due to the current environment. And finally, given interest rates have declined significantly over the last few weeks, we expect a material decrease in interest income for the year. Despite the current macro environment, we remain confident about the future. We are confident because of the 3 main secular growth drivers that I mentioned earlier, continued cloud adoption in hybrid IT, digital transformation and the adoption of 0 Trust security environments.
These factors are driving our growth and greenfield opportunities and we expect this to continue to be the case this year and beyond. These trends are the driving force behind our massive TAM opportunity. That's a good segue to expand more on the TAM that Todd highlighted in his opening and how we think about the large addressable market opportunity in front of us. We think our total addressable market today is $55,000,000,000 As you can see, we believe workforce is a $30,000,000,000 opportunity and customer identity is a $25,000,000,000 opportunity. I'll go into each a little bit more so you can get a better understanding of how we think about both markets.
It's important to note that our technology stack spans across these two markets and that we are able to leverage our singular platform to address both of these markets. Taking a look at the workforce TAM, there are 3 primary drivers of the increase from the $18,000,000,000 that we shared with you when we went public to our $30,000,000,000 estimate today. The first is new and advanced product offerings, which has driven an estimated $6,000,000,000 increase in our TAM. We've introduced several new and enhanced versions of our products over the last 3 years. This includes advanced versions of products for single sign on, multi factor authentication and lifecycle management.
These advanced products provide more functionality and value and thus are priced at a premium. The second is success with the world's largest organizations, which has driven an estimated $4,000,000,000 increase in our TAM. We've expanded considerably into these large enterprise organizations since going public. This is driving larger lands and larger opportunities for upsell. And finally, the number of target addressable customers has grown meaningfully since we went public and this represents an estimated $2,000,000,000 of the increase.
Now let's take a closer look at the $25,000,000,000 customer identity market. While workforce has been around longer, customer identity is more greenfield and emerging. We have a leading position in the market today and continue to add on new products and features to enhance our position and expand OTAM as well. For example, last October, we launched dynamic scale, which has further differentiated us from others and opened up more opportunities in use cases for our customers. As you heard from Freddie's discussion with HPE Enterprises earlier, our sign in product makes our customers more agile as they develop new and improved ways of reaching their customers.
Specifically, HPE views identity as the backbone of their customer experience and sees Okta as their trusted partner as well as the identity standard. They're able to leverage our expertise and focus their resources on other areas that are more core to their business. Given the huge TAM opportunities across both workforce and customer identity, we also wanted to share with you where our business stands today. At the end of fiscal 2020, Workforce represented 77% of our total annual contract value and customer identity represented 23%. Both are showing very strong growth with customer identity growing faster off a smaller base.
Behind this large TAM, there are 4 main drivers we plan There is a huge There is a huge network effect as we continue to increase the number of integrations and customers. More integrations create deeper signals, so we can further enhance our product with more use cases that build on better data and in turn this results in more customers. And as Dia noted in her presentation, this is a virtuous cycle that we will continue to benefit from as we scale. For example, last October, we introduced security insights, a family of product innovations to help our customers with personalized security detection and remediation capabilities at the end user, admin and customer network levels. This is only possible for the data rich insights provided by this huge network effects.
And frankly, this is an aspect of Okta that is underappreciated as the network and platform are why we are the identity standard. As Todd noted earlier, as more organizations and more people use Okta, we'll set the standards for protocols around authentication, authorization and accounting of users, applications and devices. This is a big reason why customers find so much value in the platform. In turn, this really drives a lot of our other growth factors, including landing and expanding with large enterprises, growing our partner channel and international expansion. With regards to landing and expanding a large enterprise, Charles walked you through how we go about targeting this group.
We've made very good progress in this area over the last couple of years and this is reflected in our strong growth in total RPO and longer contract duration. As Charles mentioned, we currently have over 20% of the Global 2,000 as customers today. This is spread across all verticals including financial services, consumer goods, healthcare and industrial companies. The average annual contract value for our Global 2,000 customers is approximately 6 times our company average. So as we expand within the Global 2,000, this will no doubt be a pillar of growth.
I also wanted to provide another new customer metric and break out the number of customers with greater than $500,000 in annual contract value. As you can see here, growth in $500,000 plus customers grew 59% even faster than the 41% in the $100,000 plus ACV customers. This is another illustration of the success we're having with Global 2,000 and other large enterprise customers. 20% penetration in Global 2,000 is a good start and we have a lot of runway ahead of us. I think it will also be helpful for me to show you how this land and expand motion manifests itself with our top 25 customers.
This slide shows our top 25 customers in order of their initial purchase date. They span a wide swath of industries including biotech, retail, utilities, technology, healthcare and banking. And moreover when we land, it's just the beginning of the relationship. As you can see here, the first gray box indicates the quarter that they made their initial purchase. The multiple blue boxes that follow are subsequent quarters where they increased their purchases.
And finally, the green box indicates the quarter that the customer exceeded $1,000,000 of the annual contract value. As you can see, over time, our customers are reaching the milestone of greater than $1,000,000 of ACV much earlier in their lifecycle. And as Charles walked you through earlier with examples of our healthcare and consulting customers, there are many ways we can land and expand within customers, whether it's first landing with workforce or customer identity and then expanding use cases, products and users. Another way to look at our success with landing and expanding is our dollar based net retention rate. The strong net retention rate is due to strong gross retention, upsell and expansion across all products and markets as well as new product introductions.
As you may recall in Q4 fiscal 2020, we just this with all three factors driving the uptick in this rate to 119% with particular success in the enterprise. As we mentioned before, the net retention rate may fluctuate from quarter to quarter as we continue to experience growth in initial deal sizes and as we grow our business with and within the world's largest organizations. We've done very well landing and expanding with large enterprise companies and have a great strategy in place to continue to execute on that opportunity. We also see a large opportunity to grow by expanding our partner channel. As Charles noted earlier, partners are an integral part of our expansion.
Today, we have over 1,000 partners across 40 countries, allowing us to reach a larger range of geographies and market segments and to do so more efficiently. On top of expanding our reach, partners are taking a more active role in implementation, which allows us to gain further efficiencies as well as focus on our product offerings. Charles also noted that our partner ecosystem touches about 60% of our business whether it's influenced, sourced or sold by a partner. And importantly, the amount that is solely executed by our partner channel has grown from about 15% of our last Investor Day in October 2018 to greater than 25% about a year ago to greater than 1 third of our business today. Overall, our partners are a key part of the business and an area where we will continue to invest as we think about our longer term growth opportunity.
And finally, we will make investments to capture the long term opportunity in international markets. Currently 16% of our revenue comes from international, leaving plenty of opportunity for further gains. And as you can see both the U. S. And international continue to grow very strongly.
As part of our long term international expansion strategy, we target countries that are experiencing the same secular tailwinds as the U. S. We also plan to open new and expand existing offices in these international markets. We will also expand our infrastructure footprint to support international growth. For example, last year we opened up a data center in APAC to support growth in that region.
And importantly,
if you look at the footprint of
our Global 2,000 customers, they are currently in 25 countries. Within our base of customers that are in the Global 2,000, 63% are based in the Americas, primarily in the U. S. Which compares to 31% for the overall Global 2 1000. Also 19% of our Global 2 1000 customers are in EMEA versus 29% for the overall Global 2 1000, while we have 18% of our Global 2 1000 customers in the APAC region versus the overall Global 2,000 at 40%.
This shows how early we are with international expansion and how much opportunity there is for us in each region. So to recap, innovation in our platform and the expanding network effect, landing and expanding a large enterprise, growing our partner channel and making investments in international expansion are the 4 primary growth drivers that got us to where we are today and will help us achieve our long term financial goals as we go forward. These drivers all contribute to our attractive long term financial profile, which is exemplified by our high growth subscription business, profitable customer economics and disciplined capital allocation. I went over the drivers of the high growth subscription business, so let me now touch on the margins. One thing to note is that we have a very attractive customer economics.
So while initial lands have lower contribution margin, it significantly improves over time. This slide shows you an example of this dynamic. We looked at the contribution margin for new customers that came on board in fiscal 'seventeen. The contribution margin is calculated as the annual contract value acquired versus the associated cost to acquire and maintain that customer. There is an initial investment that is required, but we view this as a long term investment as there are numerous opportunities to expand our relationship with the customer as we have discussed today.
And as you can see here, the contribution margin from these customers continues to improve, making the unit economics of new business very attractive for us. Another very attractive aspect of our long term financial profile is our disciplined capital allocation plan. In these times of economic uncertainty, we are well capitalized whether this market. We currently have $1,400,000,000 of cash and equivalents on the balance sheet and will be prudent in our spend. We also continue to make the appropriate investments in the business to extend our market leadership.
We will continue to make investments that will extend our platform and product as well as investments in key customer facing roles to support the business. We also look at M and A in specific instances to support our growth if the acquisition enhances our platform or accelerates our product roadmap. Overall, we've been disciplined and focused on executing our plan that we've laid out for you in the past and expect to continue to do so in the future. Our framework is always focused on balancing growth and profitability while optimizing for growth and that has not changed. That said, in the current global environment, I do want to give you more insights into how we think about this balance.
First, I want to say that our current long term outlook is consistent with what we shared with you at our last Investor Day in October 2018. It assumes a 4 year revenue CAGR from today through fiscal year 2024 of 30% to 35% with revenue growth greater than 30% each year and a free cash flow margin in fiscal year 2024 of 20% to 25%. We have the ability to control spend depending on the market environment and expected growth rates. We will be flexible in terms of how and when we invest to extend our market leadership. Thus in a more moderate growth scenario where a global economic downturn is deeper and longer, we would expect a revenue CAGR of less than 30% during this period.
In this scenario, we believe we could achieve a free cash flow margin that is greater than 20% in fiscal year 2024. However, in a faster growth scenario where the current environment spurs faster than expected adoption of our solutions, we would expect to see a revenue CAGR greater than 35% over the 4 year period through fiscal year 'twenty four. And we believe in this scenario, we can achieve a free cash flow margin of approximately 20% in fiscal year 2024. Overall, I want to reiterate that we remain very positive about the future. Our products enable any organization to use any technology.
It is even more important today and it's likely current events will forever change the way work is performed and where it is performed. We covered a lot today, but I want to reiterate the 3 key takeaways we want you to walk away with. We've set up a strong foundation for growth, We have large addressable markets with multiple growth factors and we have a very attractive long term financial profile. With that, thanks for joining us today. We'll now take your questions.
Okay, great. I think everybody is turning on their video chat now as well. So welcome to the Q and A portion of the event. We've got Todd, Freddie, Bill, Charles and Dia here to answer all your questions. And if you haven't noticed already, the easiest way to submit a question is to do so through the Zoom client.
So we can jump right into it. So the first question is from Sterling Auty. He asked, in light of COVID-nineteen, how is the capacity in Okta network? Do you have are you having any issues supporting requests or scaling up cloud capacity?
A great question. If you were able to watch my keynote earlier this morning, you heard me talk about the top priorities for us. Number one priority is safety and health of all the people, so employees, customers, partners. And the second priority is customer success. And the foundation of that is that the service is scalable, reliable and secure.
So, we're always focused on that. And I think even more in these times that everyone has a little bit of uncertainty, we're making sure we really double down and focus on service reliability and scalability. Part of that is making sure there's plenty of capacity. So, we're very confident in that. We've really over provisioned capacity both as course of normal operation just to be conservative and as a result of some of the dynamic nature of what's going on.
We have the ability to move that capacity around based on usage patterns, which we are seeing usage go up quite a bit. I mentioned in my keynote, we're seeing multi factor authentications on the service. We're seeing active user counts go up as people are using more technology remotely. And luckily, we're prepared and we have plenty of excess capacity and we're also able to shift things around as usage patterns migrate over the medium term.
Okay, great. Next question is from Rob Owens. It appears your platform play and granular app level access policies and identity engines combined with new workflow capability start to infringe much more on the governance space. Can you comment on coopetition and where you see best of breed versus what you are offering in your platform and the next generation identity space as the next generation identity space continues to mature?
We have partners for identity governance. We have great partners like SailPoint, as we've talked about in the past. We're also building a platform. So as you build a platform, you're going to build more capabilities and more functionality that can be used in a very flexible way for different use cases. So I think some amount of overlap is inevitable.
We already have that to some degree with our lifecycle management products. But as we build out more platform capabilities and more flexibility for customers and more ability for them to make the Okta Identity Cloud do exactly what they want. There's inevitably, there's going to be more functionality overlap with the government space, but that's what we think is the best for customers. And if you look at the VAS customers and a lot of them use both governance products and us And another hallmark of what we do is integration period. So, we're really good at integrating with everything, even if there's functional overlap or category overlap.
The last thing I'll say on this is, I would point you to Dia's product keynote, which will be tomorrow. Dia, you know the exact time, then she's going to go into this area in more detail.
Okay, great. Your next question What time is your keynote tomorrow, Dia?
It's at 4, but I think they saw a bunch of it in the presentation ahead as well that they just went through.
Yes, exactly. Yes, beyond what you did earlier today, I think there's a little bit more detail.
And the only thing I would say there is, as Todd said, we're building a platform. We want to enable our partners. So many of the things we're building will actually enable our governance partners to be able to build deeper functionality for their clients as well. And it's inevitable as a platform that we will build things where there's slight overlap. But if there is, that overlap should help our partners build stronger products as well,
because we've
got it built on us.
Really good point. I would not be surprised if in a few years out you see an amazing identity governance solution built by SailPoint on top of Akka. So they take our platform and take all their detailed knowledge about that and build a solution right on top of Okta that runs on top of Okta and uses the directory and uses some of our core platform services and does the exact governance functionality every customer wants.
All right. Sounds good. Next question from Jonathan Ho. With FastPass, what challenges did you have to overcome in order to deliver true Todd passwordless? And can you give us some additional color on why others can't do the same?
So I'm really, really excited about the FastPass capability. It's something that I personally want as a user. It's something that we've kind of talked about for a while and we finally brought it to fruition. And what's required is a platform approach. So you have to have multiple different services to make it work.
You have to have a central directory, you have to have flexible directory, you have to have the identity engine orchestration to make it all work, make it all be customizable and flexible. And then I think the piece that's probably hardest to replicate and that has taken us the longest is the devices platform service. And what you have to do to build devices platform services, you have to be cross client OS. So it's not enough to do it just on Windows, it's not enough to just do it on iPhone or Android. You have to be deeply embedded in all of the client operating systems to make this work because it has to flow seamlessly from the devices to the Identity Cloud.
And that's what's really required to free that identity out of those devices and make it central. That for us, it's we grew up a cloud company and web protocols were really easy for us and we're great at those. And it took some adjustment to really focus on getting embedded in the devices, but the results are pretty amazing and I'm excited to get that out to
you. Excellent. All right. Next question is from Keith Bachman. While work from home likely raises long term demand for Okta or Access Management more broadly, how is work from home combined with current weak global growth impacting sales cycles and deployment capabilities?
I'll take that one, Tom. Thank you, Keith. I would answer that in 2 ways. The first is there was absolutely no technical requirement for Okta to be on-site for everything from a demo, proof of concept through to delivery and we're well set up to transact. Obviously, having in person meetings, there is a lot of benefit to that And it is somewhat less efficient sometimes.
But I cannot believe that everybody is now adapting to this new norm. I think, well, I'm incredibly impressed how both Optor and our customers are being able to collaborate with new technologies. So we are seeing a slight change and a slight inefficient way of getting our act together, if you like, in this new world. The second aspect is a little bit more fluid and this has to do with the demand generation, where we're seeing slowdown and acceleration. The trends that we're sort of seeing over the past few weeks fall into a number of buckets.
One are there are absolutely people who are coming to us because they are struggling to work securely in a remote environment as you'd expect, particularly around multi factor authentication as an example. We're also seeing customers who now are looking at cost control measures more closely and some of the projects specifically around modernization and digital transformation, they are accelerating. And in some cases, which was a little bit of a surprise to me, was an acceleration of initiatives to change a business model. So perhaps going from more traditional bricks and mortar into a more digital way of communicating with customers. So we're actually seeing acceleration in those areas.
Now of course, on the flip side, there are certain industries that are really struggling right now, everything from travel and transportation, leisure, entertainment and some of those industries. And we're most definitely seeing a slowdown as they look at really aspects of surviving right now. But on the whole, we are, as your question points out, continue to see demand generating growth. We haven't seen that slowdown. What will become apparent in the next few weeks is just how efficient we can all be in working in this new way.
All right, great. Next question from Ninoi Job at Atika Capital. What are customers prioritizing and deprioritizing because of COVID related economic uncertainty?
I'll just maybe start off and then Charles, you're probably a good person to add some color to this as well. What we've seen is we've seen everyone every company is trying to think about what this means for them. As Charles mentioned, there's some companies that are their direct industry is hugely impacted if you're a travel company or airline, you're really figuring out what this means for you. A lot of other companies just are taking an assessment and seeing what their new reality means. And that for us that's there's some anecdotes of sales cycles being delayed.
There's some anecdotes of things being accelerated, so new projects coming to the forefront. And I think at this point, it's we're seeing some trends, but it's still relatively early. And the way we're thinking about it is we're making sure that we see a lot of data before we make really broad rash decisions and looking at the world and seeing what's happening, but not being balanced in our approach to make sure we're able to capitalize on the short and the long term.
All right, great. Next question.
What's your perspective on that?
Yes, I think similar to what I was saying before and you reiterated, I think we're not seeing initiatives disappear. We're actually just seeing them being reordered to some extent. And some of those that perhaps were a little bit further out now become a little bit more important in the shorter term. But as far as deprioritizing initiatives completely,
except for
those severely affected industries, we're not really seeing that at all.
All right, great. Next question from Andy Nowinski. Your customer from Dentsu noted that Okta is much more than just SSO. It's an integral part of their architecture. I understand you have many products beyond just SSO, but what percentage of customers and more importantly potential customers do you think truly understand the value of Okta and how it is much more than just SSL?
Yes. Hey, Dave. Happy to take that one. So, you're referring to Dom Schein and obviously, he has a lot of experience with the Okta Identity Cloud. He's used us now multiple times at multiple companies.
So he understands the true value that he can get out of it. And as he highlighted, there's a lot that he's doing beyond just single sign on and multifactor authentication, everything from lifecycle management and then both sides of the story, both workforce and customer identity management. I think what you're trying what you're starting to see is as more and more companies start to find more and more ways to use the platform, we're landing inside these companies with more and more different products on different sides and then doing a lot of cross sell and up sell. You see that in the very strong dollar based net retention rates, which are continuously going up. And I think we're also starting to land and expand inside large organizations.
You just saw in Bill's presentation, first of all, inside the Global 2,000, how big those accounts are. You saw that the growth in over $500,000 accounts is going even faster than over $100,000 accounts. And what that means is that these large organizations are finding a lot of ways to use everything from lifecycle management to the newer products like Okta Access Gateway, advanced server access. And as we really start to expand out the platform, I think there's going to be more and more of that. Frankly, I think the announcements that we've made around platform are ones that a lot of our customers have been using for a long time.
Internally, we've been loathed to use the term platform because people overuse it, I think before they're ready. But I think now you can really start to build interesting applications and really build some very valuable extensions off of what we've built, which is why I think the future around the platform is going to be very exciting and is going to give customers a lot more opportunity to leverage the services we have.
Excellent. All right. Next question from Shaul Yall. Can you discuss current trends in the U. S.
Versus Europe and Rest of world in light of your reaffirmed guidance? And secondly, when you think about the current Okta scorecard versus your Octane 2019 targets, where are you seeing great success and where do you think there is more room to improve?
Well, I'm happy to talk a little bit about international. Look, I think as we've said, the opportunity in international is huge, right? The trends that we are helping organizations, both public and private sector address around their move to the cloud, around digital transformation, around security. These are global trends. These happen in every company, every sector of the economy, every industry.
And so, we have a huge opportunity, but points every year points every year, even as the company gets bigger and bigger and you see this continued growth. We should start to get 20%, 25% even more of revenue from international in the years ahead. You also saw Bill mentioned in particular the acceleration we're seeing in the partner channel. I think that's going to be a huge opportunity. You think about Europe, 27 countries, languages, cultures, we can't be in all those places.
So we'll have Okta personnel in the right places and then we're going to have the right distribution and implementation partners. I think it's a huge opportunity and I'm very excited about that. Finally, I would just point to the investments we've made over the last 12, 18, 24 months in the offices, whether it's opening Munich, whether it's growing Paris, whether it's growing the Sydney offices. We have continued expansion plans internationally. We are continuing with those.
Obviously, we want to be sensitive to some of the variability that's happening right now out there, some of the disruption. We want to be agile, but we do have aggressive international plans and this is
we're playing the long game.
So over time, you're going to see us continue to do that and I'm very excited about those opportunities.
I can take the second part of the question about the how we've done on our targets since last Oktane. I could answer the question from a few different angles. From the financial angle and the business angle, I mean, we had a pretty amazing year last year as we talked about in our last earnings call with revenue growth and getting improvements and making progress toward profitability and cash flow improvements, overall growth, employee, the team. So it's really good on all those metrics. On the product, the big thing last year the big things last year ago at Oktane, one of them was Okta Hooks and that is being very well received in the market.
You're seeing tons of deployments on Hooks. You're seeing a lot of customer success with advanced integrations there. The second thing was Identity Engine. That was a big announcement last year. And as I mentioned today in my keynote, we've had a progression of Identity Engine from just being about customer identity to being integrated with everything on the service.
So not only the customer identity products, but also the workforce identity products as well. And that's a really important thing because you're going to get that integration ecosystem, that flexibility, that the features like app level policies and flexible account recovery, all those things across all of our products. So that's really powerful. And then the last thing I would say is about what we announced last year at Oktane. It was really the start of this movement to a platform.
So it's I think we've made great progress with what we're able to deliver this year with workflows and devices. So it's been a good year. Now it's all about keeping the momentum going forward. So the next year and the years beyond will be just as positive.
Great. All right. Next question from Melissa Franchi. In light of COVID-nineteen and recognizing there's a lot of unknowns, what are you seeing now in terms of buying behavior both in terms of seat expansion and new customer adds? Also what is your assumption today in terms of gross retention in light of pressure on SMBs?
Hey, Bill, why don't you start off with the kind of the model questions and then we'll give it to Charles for the some of the buying pattern stuff.
Sure. So as it relates Melissa to the gross retention, the way we've looked at it is we've had very strong gross retention rates historically. We continue to have strong gross retention rates. The reality is for small, medium sized business, especially those potential verticals or segments that are especially hard hit, we actually have very little exposure there. We're very diversified as far as the verticals we have.
So from our perspective, we don't see as much risk as maybe some others do on the gross retention side. Having said that, we are evaluating it and feel that because of the nature of the service and frankly how essential it is in this environment to a number of customers, We feel pretty good about where the gross retention rates are going to stay over the next period of this uncertain time.
Regarding the sort of makeup of new business versus upsells and expansions to existing customers in light of COVID-nineteen. I guess it's still a little early to be categorical on a number around that. But it's around about the same as it was before, albeit for slightly different reasons. A number of our existing customers are looking at much more advanced methods of authentication, and MFA is indeed a stronger component and a more prominent part of the pipeline for existing customers. For new customers, though, it's the ability to actually just remote work securely for organizations that haven't actually been set up properly to do that in the first place.
And as they bring on a lot more collaboration tools to help them with the dynamic workforce, They're realizing that actually adding an additional security layer is kind of key. So I would say it's
a little bit of a wash
as far as net new versus upsell, particularly relating to COVID-nineteen.
Okay. Next question from Walter Price. How easy is it to demonstrate new features and functions in this work from home environment and make sales? I'll take
that one again. And that's kind of what I was alluding to earlier. There's no technical need at all because we're a pure cloud service to actually demonstrate. I mean, we built our company very much in a remote model. And we now customer success and we have support teams, our presales teams are all able to work remotely and demonstrate the products remotely.
So we're not actually seeing that as an inhibitor. In larger organizations where you need to have a more complex architectural discussion, that is often a lot easier on a whiteboard with a bunch of people in the room. So some of those opportunities are just slowing down a little bit until we can get into those environments. But our ability to make sales hasn't changed. In fact, one of the reasons that people are coming to us is because whilst they are remote, they actually want to get this up and running whilst they before they get back into the office, within hours or days, not in weeks or months, and we're able to help them do that.
All right. Next question is from Walter Pritchard. Can you talk about how you see sales cycles impacted between new customers, land versus upsellexpand deals?
I think that's similar to the question that we just answered. So right now, nothing significant shifting either way on that strength in both areas.
All right. Next question from Alex Henderson. The new guidance looks primarily related to T and E and savings from virtual events. I assume you expect some normalization over time. Do you see the T and E rebounding and event spending rebounding by the January quarter?
And should we assume the spending in the following year is unchanged versus our prior market since the hiring has not changed and the out year would have all the T and E and event spending in it. I'm not looking for a forecast, but rather the logic of the forecast.
Hey, Dave, I would just ask you how much we saved by doing this investor event virtually?
Quite a bit from the IR budget. Thank you. Bill, you have to come off mute. I know.
Thanks, Alex. So as it relates to the forecast, let me kind of let you know how we approach the guidance and how we approach the forecast. We took a look at it. We took a prudent look at it based on what we know today. And based on what we know today, we analyzed where we thought this uncertainty was going to potentially end.
And we're assuming that this environment, this current environment uncertainty is really going to last at least through the first half of the year. But we're very cautious about trying to project beyond that when the recovery would happen or how fast this recovery would be. So our focus has been on to forecast that given those parameters and then adjust and be flexible to go up or down depending on how the current environment changes. And that's really the way we've looked at it. So I think from the forecasting standpoint, the expenses and the savings that we've built into the guidance we gave today are both the fact that there's less sales and marketing because we've gone more virtual on our events, less T and E, But also, given the current environment, we also have lower employee related costs and have made sure that those employee related costs really are cognizant of what this current environment is.
And because of the uncertainty in the current environment, we've put ourselves in a really good position to flex up or flex down on spending. But I wouldn't translate that into assumptions as we go longer term out into the year and certainly into next year.
Okay. Next question from Eric Heath. How is access gateway adoption trended compared to your expectations? Is it opening up the market for you? Are you competing more with legacy vendors?
Tell us when I ask.
Before you do, Charles, it reminds me that following on a little bit to the question earlier about the progress since last Oktane, the other big announcements at last Oktane a year ago were advanced server access and then the access gateway product. And I'll say both of those have been done really well, been big successes. Charles, you can comment more, but that's probably one of the biggest successes since last octane.
Yes. I think there's nobody in the company that was more excited about us bringing Access Gateway out than me. This absolutely opened up a huge market for us in the largest enterprises in the world who've got a couple of things they want to do. One is they're part of digital modernization means still keeping a lot of their old applications, but being able to access them in a much more modern way and a much more secure way. And the other is, I guess, not competing with legacy, but opening up a market to replace a lot of the legacy technologies has been phenomenal success.
So I'm extremely happy about this product.
And I would just add a couple of things on top of Charles' comments there. The first one is, I think when we came out with the product last summer and last fall, we spent a lot of time with implementation, making sure that we got the first five, ten right. You got to implement these things inside legacy infrastructure. There's a lot of on prem integration to do, making sure you get all of that right. But I think it's really taken off.
And I think not only the revenue from the product, but as we've said before, what we're really seeing is the associated revenue. It's unlocking big opportunities. We've talked in the past about Hitachi. We talked on the last earnings call about Zurich North America. There's a number of large regional banks.
And actually just today, we put out a press release about how it is now an Oracle validated solution, meaning that we are authorized to do all the Oracle E Business implementations. That's a huge deal. That really unlocks a lot of opportunities where large organizations have all these Oracle implementations on premises. They're really excited about the move to the cloud. They want to use the Okta Identity Cloud and now they can plug it in seamlessly using OAG.
It's going to be a huge opportunity in the times ahead.
Okay. Next question from Gray Powell. How are you helping customers deploy MFA? Is Okta giving any price breaks as usage of MFA goes up from what was probably a relatively low percentage of employees to close to 100% of employees? And then at a high level, how big can MFA be longer term relative to the rest of the business?
Let me take that one to start with. We do have an initiative for organizations in the short term who are struggling to get their remote workforces live. It is after for emergency remote working. This is an offering to help with single sign on and basic multifactor authentication, really just to quickly secure and get these organizations up and running. Obviously, we have a number of existing customers who don't have MFA, and we are talking to them.
In fact, they're leaning in with interest. How we price is very dependent on segment and sector and country and organization.
Another thing I would add there is, it's not just about multi factor authentication, it's about the advanced capabilities that we have with MFA. We are getting more and more large organizations saying, hey, I'm really excited. There's a lot of feature completeness. I can now get off of my legacy RSA implementation is number 1. Number 2, if you think about some of the partner announcements that we've made, we saw Todd this morning talk in the keynote with the COO of VMware, some of the integrations we're making to the end point security providers as well.
There's providing just a lot more telemetry, a lot more information and that makes that advanced multi factor authentication that much better, starts to learn about you, learns about your behavior and it can really start to react. That's something that legacy vendors are just unable to do.
Okay. Next question from Mandeep Singh. Can you address the threat from Microsoft bundling its Active Directory offering for premium Office 365 customers? And also give us an idea on what sort of indirect sales contribution you expect from your partnership with VMware?
Maybe Charles or Bill to start with the VMware question and then I can take the first part of the question about bundling.
Sure. As far as a specific percentage, I don't have that I haven't really set that as a specific target of our indirect business. But what we are doing around those technology partnerships, which are really what we classify as better together, is how can we with VMware, how can we with Proofpoint deliver offerings which are more complete than stack vendors, as mentioned Microsoft, and others in order to give a more complete offering. And what we've seen with that is not everybody is caring just about free software because at the end of the day, nothing is free. They're really bothered that the security threats that they anticipate or are seeing are going to be best served by the best technology.
So we've seen a good uptick in it. It's relatively short, our new rather than our specific joint go to market offerings, But early indicators are very positive for us on both VMware and on Proofpoint.
The question about the competitive environment, the dynamics is an important one. This is a $55,000,000,000 market. So there's people that are interested in this market just like we are. I think when I break it down, I put it in a few buckets. The one bucket is smaller companies.
So usually they have a point solution or part of the whole comprehensive platform that we provide and we compete with them. It varies based on different competitors, but it's basically our platform is more flexible, more scalable, reliable, more capable, it's cloud native, in cases maybe our geographic reach and scale is also superior in terms of distribution. That's one big bucket of competitors. The 2nd bucket of competitors is and these are I would say this is in like increasing order of importance to us and strategic importance to us. The second bucket is legacy identity.
So the question was asked before, what's the competition around legacy identity? And Freddie talked a little bit about it with regards to the Access Gateway product and how we're really seeing those legacy deployments start to be replaced at scale with Okta Identity Cloud, which is really, really positive. So it's kind of the modern platform approach versus legacy identity. And there's a lot of uncertainty in the world right now, but one of the when we look back on this a year or 2, I think you'll see that this pandemic is and all the uncertainty around COVID-nineteen is really going to be the nail in the coffin for legacy identity architectures and on premise deployments, given the advantages of the identity cloud. So that's the 2nd bucket.
And the 3rd bucket is big platform companies that want to have a play in the identity world. And it's interesting, a lot of people are most concerned about that, whether it's Microsoft bundling their solution with Office 365 is an example of that. But that's the one where the differentiation is the most clear in the customer's mind, because it's very clear that those big platforms aren't about connecting customers to different technology that's not on that platform. This is very clear that Microsoft is about Office 365. And if you want to get to Zoom, if you want to get to Slack, if you want to get to a different kind of any kind of different application, it's not Microsoft, if it's Salesforce, if it's Workday, it just doesn't do it and doesn't work well with mobile, if it's not a Windows device.
So it's very differentiated there and it's also something that you can't it's like part of the ethos of Microsoft. They can't wake up and decide they don't have all these other apps and platforms in the game that they're going to favor. That's who they are. That's their company and they can't be neutral in a way that we can, which is why I think our competitive positioning against a big platform like Microsoft is so clear.
And the only thing I would add there, Todd, to what Todd said is that is one of the reasons we pointed out where in devices, that's a clear example in devices and fast pass, why we were able to do something that none of the bigger platform carriers have been able to do, which is
go across all their platforms.
All right. Next question from Darren Baker. The Okta team has introduced many new and advanced capabilities over the past year or so, which seem to go far beyond the basics of SSO and MFA. Are your customers prepared to take full advantage of these capabilities? Or do you think there are additional educational engagements or reference implementations that are needed to help customers really make use of these features that Okta offers?
Does that extend sales cycles or adoption cycles?
I'll just start off at a high level and I think Freddie and then Charles have good perspective on this as well and Dia, you probably do as well. One of the most powerful things about our potential is this ability to innovate quickly. And it's we talk a lot about how being cloud native is a big advantage, but the pace of innovation for Okta is something that none of our competitors have and it's really critical for customers. Now it comes with a it's a little bit of a two sided thing there. You can innovate really quickly, but sometimes customers, it takes them time to even catch up with what you have and know about what you have, which is one of the big focuses at an event like Oktane to make sure we continue to educate the market.
Last thing
I'll say quickly before I turn it over to other folks for some thoughts is that we're always about customer stories. If you hear in Dia's presentation just previously, she talked a lot about customer stories and what they're doing with it. On the Oktane keynote, it's all about what customers are doing and how they're having success and specifically what they're using. So customer success and customer stories is a big part of how we try to push the ball forward in terms of educating the market about the potential of Okta.
I would just add a couple of things and then Charles, I'll turn it over to you if you have any comments. The first one I would just say is, it's a big opportunity to work with these organizations. And when you come into a company, you heard Todd mention FedEx and how quickly we got 100 of 1000 of employees deployed. I work very closely and I continue to work very closely with FedEx and their leadership organization over there. It's very powerful when you walk in and you could say a couple of things.
First of all, you can say, look, we're not here to do a forklift upgrade of your existing legacy on premises infrastructure because that's something that they're very nervous about. They say, look, we have all these things that are tied in, some of these are in mainframe, some of these are legacy environments. We're not sure they're the most mission critical, but we want to make sure we don't disrupt any of the business we have going on. And so we have a very strong message there where we say, look, what are some of the 1, 2, 3 most important critical initiatives that you have right now where you want to either modernize, you want to extend your environment, you want to move to a customer facing application. And we get them up and running very quickly and successfully in 1, 2, 3 months.
And you come back to them in a quarter and you say, how is that deployment? And they are time and again shocked at how well and successfully we deployed a very mission critical application at scale for them in their environment. And that's how you start to earn trust. That gives you the opportunity to go back in there and talk to them about all the other things that we're doing. And very quickly, we build very strategic partnerships with these C level executives who say, Frederick or Todd or Bill, I want you to come in and explain to me your entire roadmap so that I can really get a vision of where you're going and how I make sure that when new projects come up, I know what's right for me and how I can leverage more of the Okta service.
You see that in the numbers. You see it in the dollar based net retention numbers that are very, very strong. You see that in the land and expand inside large organizations. You see that in that matrix slide that I always love when Bill presents up how quickly organizations buy and then rebuy and then rebuy new opportunities. That is the way that we build these successful long term relationships inside these organizations.
And frankly, it allows us a lot of opportunity down the road as we expand out the platform, as we provide new products, it's going to be a lot of ways that we can help these organizations and I'm very excited about it.
The only piece that I guess
I would complement what Tom and Brad has said.
I pay
a lot of money to a large sales team whose job it is to go out and make sure everybody knows about everything that we do. And but a lot of what we do is driven and what we build is driven by customers themselves. They are the ones that are asking for a lot of these features or functionality. So in many cases, there's a lot of pull for innovation from our customer base. But the final part, the main piece that we invest in is around the area I showed earlier around learn, deploy, adopt and grow.
And that's our investment in customer success. And the customer success team is there not only to help the existing purchase or use case gain value, but also to highlight every single week and every single month what's new and what else could you be using at a customer site to make your implementation better? So we invest a lot of time and money in making sure people are enabled and aware and communicate to.
Yes. The only thing I'll add there from a product perspective is that when you solve one pain point for a customer, right, it's natural that they want the efficiency they get there in other parts of their stack as well. And identity is something that goes across their entire stack and there are multiple pain points that Identity can help address. So to a point that was made earlier, right, we're storing we're actually helping them with single sign on. The next thing they need is adaptive MFA or MFA.
Once you get an MFA, they need adaptive MFA. So this we see this trend continue because identity itself is evolving and becoming so central to these companies that I think every time you solve one problem or help them solve one problem, they want more and they come to you and say, okay, I have this pain point here. Can you help address this or do you have other ways you can help me make become more efficient?
All right. Next question from Pat Walravens. Bill, any suggestions for how we should think about the near term billings headwinds you mentioned? Any thoughts regarding how big these headwinds might be? And also how we should think about the headwinds for sales for new customers versus existing customers?
Yes, Pat. So, when we look at doing our forecasting historically and it's the same today, we always when we forecast know that in our forecast there's going to be opportunities to that forecast and risks to that forecast. Given the current uncertain environment that we're in right now, we think it's weighted more toward risks than it is to opportunities. Those risks being primarily the fact that longer potentially longer sales cycles because customer enterprise customers are pausing and trying to adjust to this current business environment. The other thing is we've mentioned is small, medium sized business that are particularly impacted.
So we see risk there. And we also on the offset see some opportunities as Charles mentioned from customers that are actually moving faster to deploy us for remote access because of the new work environments that they're having to develop for their workers. So I think those are really the different components of it. I think as you think about new net new business versus upsell, I think all of those things could have an impact both the risks and those opportunities on both of those types of selling. I do think that it probably has a little bit more impact on net new just because of the elongated sales cycles.
But I think that potentially that risk could impact both as could those opportunities.
All right. Over to Brent Thill. Customer identity is very exciting. Given Freddie is a hockey player, where is the hockey stick inflection coming for the market and what are the biggest greenfield opportunities?
Well, speaking of Freddie, I just want to tell everyone that today is his birthday. So happy birthday, Freddie.
Thanks. Nothing like turning 21 on an investor call with all of you. So Brent, thanks a lot for the question. I greatly appreciate it. So customer not surprising to us.
The opportunity out there is huge. I think you see it in all sorts of ways. First of all, there's a lot of organizations that have the extended partner networks. Good example are insurance companies. I mean, we do very, very well with all sorts of large insurance companies.
Again, I would point back to the last earnings call where we talked about Zurich. I mean, they're trying to do it not only for their employees, not only for captive insurance agents, but also insurance agents who have other opportunities and sell other products. They just want to make the product as easy to use as possible so that they can sell more insurance policies, whether that's on the web, whether that's on the mobile phone. 2nd of all, I think in particular with unfortunately what's happening out there in the world right now, a brick and mortar organizations are going to have to find ways to have these digital connections. And I think you're going to see an acceleration of organizations that are trying to do things around customer identity and access management just to have more of a digital touch with their customers.
Good example there is Albertsons. Now we've been working with Albertsons for some time, but they have 27 different brands. And obviously, they're ahead of this curve thinking about how they want to standardize that interaction between customers and the 27 brands and on the back end how Albertsons gets one view of me as a customer, which might have many different touch points. But finally, the biggest thing I would say there is, it's just a large greenfield opportunity. There is no legacy incumbent vendor that's built a giant business here, because traditionally this has been a build versus buy story and a lot of organizations have said, I can stand up an LDAP directory service my DMZ and reset usernames and passwords for customers, that's pretty straightforward.
But as you start talking about mobile applications, as you start talking about all these operating systems, as the security awareness goes up, because obviously that's heightened, as you start thinking about multi factor authentication for sensitive websites, it gets very complicated very fast and you're talking about customer interaction, which is critical obviously to everyone's businesses. So we're very excited about the market, very excited about the opportunity and I expect great things from the organization in the times ahead.
Yes. The thing that I'll add there, Freddie said everything Freddie said is very true. There's another massive trend that is actually creating headwinds here, which is actually tailwinds, sorry, which is the if you look at companies and if you look at the privacy landscape, more and more companies need to be able to better manage their user privacy, their user data, their user consent management. I talked about in my roadmap session as well. And that actually is making them look externally to us for help in being able to solve these challenges.
They don't want to manage identity internally. They don't want to manage have to go through building all the capabilities of data of keeping data segregated, keeping data private, being able to delete it, data retention policies, etcetera. And what we've done is we're building as I said, we're building a bunch of privacy related features like consent forms, consent versioning and management, flows built on flows built based on consent status, but also integrating with an entire ecosystem of players that are helping people manage identity across their entire tech stack like Databrail and OneTrust. So that's where I think that is a massive tailwind for this space that I think is going to get more and more people wanting to actually go externally and get help from people like us to be able to solve this problem.
Okay. Next question from Jared Haftel. On FastPass, will it be a separate product that people pay for or included within SSL? If separate, how should we think about the dollar per user and then likelihood of GA within the first half of FY twenty twenty one?
Do you want to take that, Dhi or do you want me to?
I can do that. So for SS so FOSFOS will be a part of SSO. The factors you use will depend on whether you have MFA and whether it's adaptive or not will depend on whether you have the adaptive MFA skew. Overall, the way we look at this is we want to make sure we have the best SSO MFA adaptive MFA offering out there, which helps us increase keep our prices steady and increasing over time. So launching this as a separate feature did not make sense.
Todd, feel free to add to that.
Yes. And that was exactly what I was going to say. We think about it as everything you just said, but also just stickiness in terms of and the end users are going to love this. I mean, you're not going to be able to take this away from end users. The experience is so magical and amazing.
They're going to demand it. They're going to not ever let it go and they're going to want to take it with their next company with them. Yes, it's going to be a big deal for overall for our product position.
All right. Next question from James Sperling. Does this environment help accelerate share gains versus legacy on prem vendors that may require access to customers' premises for deployments?
Charles, you probably comment more, but I was saying this already. I absolutely think that will happen. I think that when we look back on this, the fact that people are going to want to go remote and people aren't going to want to invest in on prem infrastructure is going to mean the legacy on prem identity stacks are going to be hard pressed to serve the needs of customers.
Yes. And even in the short term, the reason that people are coming to us is because they need to do these things remotely. They can't be on-site. They can't be upgrading or putting new patches on into data centers where they're not allowed in. I mean, it's a very difficult thing to do right now.
So the answer is yes. I do see that acceleration.
Okay. Back to Melissa. Within the 6 platform services, which one holds the most opportunity longer term and most upside in the near term, recognizing a few of the services won't be out until Q4?
Near term is we're close in advanced lifecycle management, generally available now. It makes that advanced lifecycle management product very, very powerful. I think long term, the devices service is really a game changer.
I think
that when you pull identity out of the client devices and centralize it, your flexibility goes up and you're not locked into Active Directory. You really can enable this true seamless movement between work network and Internet and personal devices and work devices, while all at the same time being secure and giving companies a central policy to control it also. I'm really excited about that over the medium or longer term.
And the thing I'd say there is something Dot always says, which is it's one of these it's all of these things coming together that actually make it very powerful. Fast cost could not have happened without multiple of these platform services coming together. So I think as we start combining them, you'll see more and more magic happen as well over time.
Okay. Back to Walter Pritchard. How do you think about current impacts on pipeline build for later in the year when current activity would contribute to those sales cycles? Do you think they'll be able to mitigate this or should we expect an impact in the outer periods after this ends?
One of those questions you wish you had a crystal ball for, I guess. The way that in fact, maybe I'll just take one step back quickly. The way that we run our plan, we run a rolling 4 quarter plan for both capacity modeling and demand generation modeling. And so the capacity is this gives us flexibility. It also means that we have the potential of cutting territories multiple times.
But it gives us the most flexibility
to be able to adapt if one region or segment or product line or country or geography is performing in different ways. And adapted to that then is the demand generation. Demand generation there has 2 aspects to it. 1 is really I don't just measure pipeline generation. It's really pipeline coverage.
I mean, whether or not that pipeline lives on and it's there to help you make sure every territory and every product and every quarter is successful is kind of the key. So we do adapt through the demand gen team short- and long term demand generation. Some activities do bring shorter cycles. So addressing remote working right now is an example. Others, more how do you then over the long term mitigate cost controls in your business and accelerate modernization to that effect.
They are other more longer term plans. So we do have a model which helps us mitigate that risk. A little bit and I guess we're right into day 1 of our first major virtual conference. Maybe I can tell you the answers in a couple of weeks. But we're very confident.
We've had over 15,000 registrants for Octane Live. That's 3x up on last year's event, easily 3x up on last year's event in person. So we're very bullish. People are still speaking to us. Pipeline generation in numbers hasn't come down.
The questions we've been talking to really recently are whether or not elongated sales cycles will mean that we see that pipeline maturing later than we would have expected. But either way, the questions related to the back end of the year, I think we're in a strong position.
All right. We are coming to the end of the question queue. We've got 2 last follow-up questions from Pat Walravens. Before we get to that, I just want to mention Keith Weiss really appreciates Freddie's mid century modern look in his office there. So, last question
That
is my background. Thanks, Keith. Happy to talk to you about that offline any time. Just let me know.
All right. Last question is from Pat. Are you extending more flexible billing and credit terms to customers now that given that many are trying to conserve cash and as one CEO put it yesterday, cash is oxygen? And then secondly, how are you thinking about hiring now versus a few weeks ago?
Yes, I'll maybe start off Bill and then you can add color. The so first thing is we're being very focused on customer success and taking the mindset that we want to help our customers get through this both in terms of having a solid stable platform, it in terms of like abusing it, but where we can be flexible on financial terms is how we're going to try to be. Now cash is oxygen and we're very lucky to be in a very, very strong position from a cash perspective. But we are also managing the company to be aware that cash is king in these times of uncertainty. So we have actually changed the internal plan at Okta to make sure that instead of growing the pace we were going to grow and spend at the pace we were going to spend, we've taken a more conservative approach.
So while we're still growing, it's just the plan in terms of hiring and so forth is at a slower rate this year. We think that's the most prudent thing to do given the uncertainty and preserves our ability to both thrive in the short term and extend our lead and dominate in the long term.
Yes, I think I would add to that on the payment terms, Pat, at this point, we haven't made any meaningful changes in the credit and payment terms. But to Todd's point, there are specific customers on a case by case basis that we have done that for specifically customers that are in the more impacted industries. And to Todd's point about us wanting to work with our customers and continue to be supportive of them, we will continue to do that. I think on the spend, like Todd said, we have replanned the spend that is what's reflected in the guidance that we gave earlier today. But I think the key thing to understand is we're flexible.
So we're going to be flexible as far as flexing up or flexing down depending how things in this current environment evolve and we're keeping a very close watch on that.
Okay. Well, we covered a lot of ground. I think that's a wrap. As always, we appreciate your time and interest. And if you have any follow-up questions, you can reach out to the IR group at investorokta.com and we will follow-up after that.
So in the meantime, everybody stay safe. Thanks for joining.