Team, they have been on the road. We've been in New York, San Francisco, Germany, and we've been meeting with our customers, filming them, getting to know their use cases. So you will see coming up soon, a brand-new film. You'll also see the demo that Ashley was talking about, and you guys, this video is so exciting. This demo is so exciting. Again, you're gonna see from multiple use cases, Jenn and Harish are delivering it. It's gonna be fantastic. And really, throughout the week, you're gonna see our customer stories come to life. We've got signage on campus. We've activated the Sphere, which is really cool. If you were walking around in Vegas last night, you could see that, so that's great. You'll see all these customer stories around identity, and it's just a really exciting time to see these customer stories.
Yeah.
Now, you were talking around identity standardization. We know it's hot.
Yes.
It is the IT topic right now.
Yeah.
Would you mind telling folks, what does identity standardization mean to you?
Yes, absolutely. It's a really important topic, and so here are the two ways that I think about identity standardization. First, standardized identity security across the industry is going to provide so much value, especially for our customers, as they can easily integrate with SaaS apps that have advanced security already baked in. Second, identity standardization requires a really strong integration network, and we're doubling down on ours.
Yep.
As an independent identity provider, we strive to deliver that integrated experience that enables companies to choose the apps of their choice.
Totally. I mean, our customers, we talk about this, they love it. They all have their different, like, standardization or tech stack.
Right.
Just having this conversation coming up soon or how it comes together is gonna be great. We're getting the sign.
Yeah.
It's time to wrap this up, so thank you guys so much for joining us. You're about to get our first keynote for Oktane 2024 on the road. I can't wait to come back. We'll see you a little bit later to talk about these announcements. And with that, DJ Dave is gonna spin up some tunes, and we'll see you there!
This presentation contains forward-looking statements. We reserve the right to change the information in this presentation. More information can be found in our SEC filings.
Here we are, twenty-five years into a new century. We now have a digital world at our fingertips. For businesses and their customers, technology platforms have created incredible opportunity, but also complexity, fragmentation, overwhelming choice, clashing technologies, changing compliance, the promise and perils of AI, and all of it compounded by bad actors threatening your most valuable asset, your identity. Identity has grown beyond just a secure entry point to the digital world. It's become the most critical deterrent to ever-evolving threats. Now is not the time for the status quo. It's time to meet evolution with revolution. What if we fundamentally reimagined identity security, removed barriers without removing protection? What if an entire industry built to a standard?... and interactions became simpler, richer, efficient, and more secure. What if identity better aligned across different platforms and geographies, safeguarded every tech stack? Imagine unified silos, integrated apps and APIs.
Imagine complete visibility: seeing, knowing, and protecting the people in your ecosystem. Imagine a world where everyone is free to safely use any technology. It's possible. It's Okta.
Please welcome Okta's CEO and co-founder, Todd McKinnon.
Hello, and welcome to Oktane. We are thrilled to have you here. Everyone online, my wife is watching online. Hi, Roxanne, and everyone here in this jam-packed room. My father is here! Welcome, George. We are going to tell you a story about a company that has gone through a major transformation, and this story starts with identity. Identity is who you are. It makes you, you. It's your reflection in the world, both personally and professionally. It's the entry point to the digital world. It determines what you can access and when you can access it. It's something that can make organizations more productive. It can make every single interaction with technology faster, smarter, and more secure. But there's something more important. There's something more important. While identity can be a powerful force for good, identity is also under attack.
Over 80% of security breaches involve some kind of compromised identity, whether it's the initial compromise or how the threat moves laterally. So the stakes have never been higher for identity, and because identity is the foundation of technology, it's become the key to security. To get security right, you have to get identity right. A simple way to sum it up, identity is security, and the threat environment that we are all living in raises the bar for what an identity system has to be. It has to be agile and respond to threats. It has to be deeply integrated into every part of your ecosystem. It has to be independent and neutral, not part of some monolithic stack that's trying to lock you into one ecosystem. Now, this is obvious to many of us today, but it wasn't always the case.
If we rewind the clock back to two thousand and nine, when starting Okta, the world was in the early days of adopting cloud computing. Okta's focus, our focus, was on IT enablement. We were working hard to build a platform and a set of capabilities that would help companies adopt the cloud. Today, identity is still the entry point to the digital world, but it's become so much more, more than that. With that change, so have the expectations of Okta changed. We have a huge target on our back. We have a huge target on our back, and we are responding. Every month, Okta blocks over three billion identity attacks. These are credential stuffing, bot attacks on the internet, broad-based attacks, and very focused attacks. This means that everything has to change.
We aren't just powering the cloud. We are securing it, too, and this has resulted in a totally new risk model for Okta. We had to start treating every risk, no matter how small, as something that would be found and would be exploited. We had to evolve how we build our products, how we protect our corporate infrastructure, and how we manage risk. Maybe most importantly, we had to change our mindset. We had always thought of Okta as an identity company, and while that's still true, in a world where identity is security, Okta is a security company. Since last Oktane, we have had an all-hands-on-deck approach to becoming one of the most secure companies in the world. Now, we...
We got a lot done in this period of time, and we have emerged a much stronger company because of it, with a very clear vision and sense of purpose for our role in technology. This focus is captured in the Okta Secure Identity Commitment. The Okta Secure Identity Commitment is our long-term commitment to lead the industry in the fight against identity-based attacks, and it has four key focus areas. The first is building market-leading identity products that are secure by default, hardening our corporate infrastructure, championing customer best practices, and finally, elevating the entire industry to be more protected from attacks. Now, since launching the Okta Secure Identity Commitment back in February, we have made a tremendous amount of progress. On the Workforce Identity Cloud, we've launched Identity Security Posture Management, Identity Threat Protection with Okta AI, and Governed Okta Admin Roles .
Customer Identity Cloud has seen the launch of the fourth generation of our Bot Detection technology, along with Fine Grained Authorization and Highly Regulated Identity . In the last year, we have invested over one million hours directly focused on security. One million hours. If I would have done this myself, it would have taken 110 years. Luckily, I didn't have to do it myself. I have an awesome team. Now, it's a lot of progress on the screen, but it's just scratching the surface. The list goes on and on. This is a long-term commitment, and we will not stop until there are no more identity-based attacks. No more. It starts with helping ensure that customers are best protected, and that's why we created the Secure Identity Assessment. Secure Identity Assessment builds on what we talked about last year with our Expert Assist offering.
Expert Assist, as many of you know, since you've utilized it, is where our experts make sure that your Okta installation is set up to the highest secure configuration and to make sure everything's locked down and up to your posture. Now, Secure Identity Assessment takes this a step further by doing the same thing, but not just for Okta, but for your entire ecosystem. See, our team, we've worked with some of the most secure organizations in the world, and we've learned a lot, and we want to share those best practices with you, and the best thing about it is that as your identity security posture improves over time, we can reassess it and make sure you're attaining the level you want and you require, and you're maintaining that level, even as your technology, infrastructure, and ecosystem evolves.
Helping protect customers from attacks is a very important priority, but we also want to protect the broader communities that we all live and we all work in. In support of this goal, earlier this year, we launched, or we announced, a philanthropic commitment of $50 million to build a more secure world. And this future, as we all know, talent is critical. We have to have the right talent. Yet today, four million cyber jobs remain unfilled globally. So this is an issue for all of us, and the entire industry needs to move faster, building up and training the next generation of cyber talent. I want to spotlight an amazing organization that they're working hard to reshape the technology workforce of tomorrow. CodePath, it's an amazing organization and an amazing mission.
They're all about meeting the needs of underrepresented computer science students seeking careers in technology, matching them with employers, like all of us, seeking strong, diverse, job-ready talent. CodePath, they're on this mission to reprogram higher education, and we're taking actions to help them. We're partnering up, and along with. We're going to build an open source cybersecurity lab that will reach three thousand students a year and ensure they're prepared to take on these key roles in the cybersecurity industry. We are so proud of this. Sometimes these people that are early in their career just need a nudge, just need a little extra help, and they're off on their way, building a great career, helping the world in this important area. We couldn't be happier. So nice job. Nice job, CodePath.
Now, learning and growth, continuous learning and growth are very, very important to us at Okta, and our transformation and our increased focus on security has taught us a lot. Becoming one of the world's most secure companies has required that we harden our own corporate infrastructure, and this means, of course, using our own products. It should be easy, right? We're a security company using our own products. And this was so critical, so critical, I got personally involved, working directly with the product team, attending the daily meetings, and adding my input. You can ask them what they think of this, but very important. And I learned some incredibly interesting things, like, for example, do you know how many applications Okta has inside of our corporate infrastructure? Throw out some guesses. Five? Someone said five. No, we have more than that. It's over thirteen hundred. Thirteen hundred.
Now, many of you in this room, you have incredibly complex infrastructures at your companies, so this may not faze you, but I was surprised. I was surprised. And so what did we do? It was a tall task, but we do what Okta always does. We rolled up our sleeves, and we got to work. Now, getting a complete list of all these identities and all these applications, making sure we had end-to-end phishing-resistant authentication for all of these things, from the second the account was created or employee was onboarded, all through the resets and the job changes, et cetera, to when they're off-boarded.
Doing this for machine accounts and human accounts, making sure it's all restricted to the access from the corporate VPN, making sure that it's only from allowlisted IP addresses, making sure that the privileged accounts are locked down, making sure the secrets are vaulted and rotated, making sure we have identity governance workflow across the whole thing. This was all very hard. Very hard. Now, here's the other thing about it: it, it's way harder than it should be. And if it was hard for us, imagine what it's like for an organization where identity and security is not their main business. And why is this so hard? Why is this so hard? Well, it's not. We have great people, we have great products, but the reason it's so hard is 'cause all the applications and all the technology is different. It's all different.
They don't integrate well. And this yet led us to a simple but a profound realization: to solve the identity security challenge that is afflicting the world, we need massive standardization. Massive standardization. There's no identity security standard that ensures visibility and interoperability across all of technology. Sure, we have SAML and SCIM that help, but as our own experience shows us, as our own experience shows us, the industry, it's far from where it needs to be. It isn't easy for a resource or a workload or an API or any other enterprise technology to make itself governable, discoverable, support SSO, support provisioning, and continuous authentication. Now, if we solve this, we are on our way to solving the issue behind 80% of all cyber breaches.
It doesn't matter if you have the best network security. It doesn't matter if you have the best endpoint security or cloud security. These things are necessary, but not sufficient. If you don't have complete visibility into every touchpoint in your ecosystem, if you aren't listening to all the risk signals and able to take concrete action and response, you are vulnerable, and you are exposed. This lack of standardization is the single biggest issue and the single biggest barrier to cybersecurity today. It's the problem of our generation. The time is now to fundamentally reevaluate how we think about identity security. We need to move to a world where every app, every device, every workload, they all speak a common language. We need a way to standardize identity security. Think about some of the other standards that have impacted our world, like TCP/IP.
If I have to explain to you what that is, you're at the wrong show. Or even something as simple as a screw. Now, screws, they aren't just a story about standardization, they also represent the power of integration. Henry Phillips. Yes, there was a guy named Henry Phillips. He didn't just come up with the strong X-shaped design that's made screws ubiquitous today, he also knew that for screws to have a big impact, he needed to license the technology broadly. So the importance of a screw can't be underestimated. It makes the modern world possible. The growth of the automobile industry, the space race, and every household project my dad and I have done together, possible with the screw.
Our goal is to standardize identity security across the industry, and in doing this, we will help foster an ecosystem that is seamless and efficient to build enterprise technology and use it, an environment that will be secure by default. We want this to be open so everyone can benefit. Now, let's see what the scope of this would look like. You'll recognize in this picture on the right, something that looks like your corporate infrastructure. It is complex. Cloud apps, on-premises applications, AI agents. Now, with the right kind of standardization, you'll have complete control over every part of this ecosystem. Identity does familiar things like SSO and MFA, but also more advanced things like lifecycle management and entitlements. It listens to risk signals and can take actions like Universal Logout . It can manage your identity security posture across your entire enterprise.
Some of these areas, they have standards like OpenID Connect for single sign-on or SCIM for provisioning. But even there, it's not clear how those standards should interact with other parts of the picture. How do you make sure you bind an SSO session to a device? Unclear. And in some areas, there's no standard at all, like there's no standard for Universal Logout . We want this all to be simple, secure, and open to everyone, so our solution is a new standard that covers this entire picture. The standard is called Interoperability Profile for Secure Identity in the Enterprise, or IPSIE. Yeah, so if you're still wondering if you're at the right conference, you know you are, because we are an identity company, and we have never met an acronym we do not like.
We've led the formation of a working group within the OpenID Foundation, with the aim of defining the standard, creating it, and working with the whole ecosystem to evolve it into a unified identity security standard to solve all of these challenges. Now, this is a key part. This is open and involves everyone, other identity providers, the biggest to the smallest, other technology companies. We're going broad and wide with this because it only works if it covers everything. An identity security standard that covers a couple of things, not super valuable. Today, the identity industry can't integrate deeply enough into technology, and the people that are building technology, they don't have a simple and consistent way to allow these connections to happen. They're all reinventing the wheel.
IPSIE is meant to codify this connection, and in doing so, it will dramatically improve identity security. Imagine you're building technology. It'll give you a clear identity security blueprint that will make your solution far more secure. Organizations that standardize on IPSIE-compliant technology will get complete visibility into their identity environment and the threat surface, and they can provide access to what we all want, the right applications at the right time, and take real-time actions in response to threats. Now, this part's important, all at a fraction of the time and cost it takes today because it's too hard, it's too expensive. We need to solve these problems as an industry and get back to the main businesses we're all in. Okta is committed to this world and leading this world in the fight against identity-based attacks.
This standard is the most transformative way we can move the entire industry to a more secure place. Now, think about our own example of hardening our corporate infrastructure. In a world where each one of those 1,300 applications had been built to be IPSIE compliant, we would have been able to move much more quickly in securing our own and increasing our own security posture. We would have had faster, complete end-to-end visibility into every aspect of our ecosystem, every every nook and cranny, every element of it. We want this to be available to everyone, more signal sharing, more SCIM, Universal Logout everywhere, all requiring fewer calories. Fewer calories. Now we're turning the show into a diet seminar. Has to be cheaper, has to be easier. We all know in security, complexity kills, makes everything brittle. We can solve these challenges.
So in some ways, this is a big deal, huge and revolutionary, but in other ways, it's a continuation of what we've done before. When we've been kickstarting the adoption of standards like OpenID Connect and SAML and WS-Fed since Okta's earliest days. When we got started with SAML, it wasn't widely adopted, so we built the first version of the Okta Integration Network by hard coding, screen scraping to every application that didn't support SAML, and as more applications supported it, we updated the integrations, the ecosystem upgraded the integrations, and authentications happened quickly and easily and seamlessly as a result. So we are no stranger to standards and how standards can move the entire industry. We've done this before, and we're doing it again. Launching IPSIE and starting the standardization process is just the beginning. We aren't waiting around for this.
Just like in the early days, we're pouring resources into solving real customer problems today, and that starts with secure identity integrations. We're meeting you where you are today by building 125 new secure identity integrations across some of the biggest names in enterprise technology, Google, Office 365, Atlassian, Slack. Now, the idea here is to make these integrations behave exactly like everything will behave when everything is IPSIE compliant. Imagine this, think about this as a glimpse into the IPSIE future. Now, this wasn't easy. We spent a lot of time taking an inventory and building all the integrations into the most critical applications and manually doing this work. In the future, as IPSIE is adopted everywhere, all of this will be easier and faster and cheaper, but we wanted you to get the results sooner.
This is all very important, but another key to making this move forward and be effective broadly is that as many applications as possible, as quickly as possible, need to support Universal Logout. Now, the Customer Identity Cloud is the identity layer for thousands of applications out there. So if we added support to the Customer Identity Cloud for Universal Logout, it would be supported by these thousands of applications immediately, and that's exactly what we've done. Exactly what we've done. So this means as the IPSIE standard evolves, thousands of applications out there that use the Customer Identity Cloud all are well on their way to being compliant. Now, Universal Logout is just the start. Over time, we'll add more capabilities to spur adoption even further. This is a virtuous cycle.
We are providing real value today with secure SaaS integrations. This makes customers more secure, so they'll start to demand it of all of their technology. We're working with everyone in the ecosystem to codify IPSIE. We're adding elements of IPSIE to the Customer Identity Cloud, which will lead to more IPSIE-compliant technology, more secure SaaS integrations, and most importantly, more secure customers. You can see we're putting all the pieces in place to eliminate identity-based attacks. And let's be clear, we will not stop until we get there. And what an amazing accomplishment that will be, what a better future. So doing this is an important step in our overall vision, and that is to free everyone to safely use any technology. Are you excited about this? Hopefully... Ah, I'm glad. I'm glad. 'Cause like a lot of things in life, there's a catch.
The catch is, we're gonna need your help. We're gonna need your help. First of all, you have to believe this is possible and get aligned that we can build a better future. For those of you that saw the keynote, the intro keynote yesterday, with Alex, how do you do something impossible? First thing you do is you tell yourself it's not impossible, it's just really hard, and then you break it down and you do it. Second is, dig in, understand the standard, and give us feedback. Collaborate on us. Now, if you're building technology, make sure it adheres to these IPSIE principles. We're gonna make that really easy, whether it's adding capabilities to the Customer Identity Cloud, publishing tools and documentation, make it all very clear and transparent, and get everyone's input, make it open and accessible to all.
And finally, if you're buying technology, make sure the vendors are IPSIE compliant or headed that way. They need to be on board with us, all of us. Now, we know that introducing new standards is hard, and to get them bootstrapped, they have to be open, and we've talked about that. It has to be easy and simple for every technology company, no matter how big or how small, to adopt them. Now, the good news is we already have some of the biggest in the business on board to help us.
Thank you for the warm welcome, Todd, and hello, Okta. I love that name, by the way. Unfortunately, I couldn't attend in person, but I'm thrilled to represent Google and our partnership with Okta today. As many of you know, security and user experience drive all of our product decisions here at Google, and we see Okta as a class-leading identity provider with the exact same goal. Now, like Okta, we believe in ecosystems over monoliths and in independence and neutrality, so we can strive to provide customers with the best available choice. Now, throughout this journey, Google and Okta have done a lot together and have delivered a lot of value to our customers. We've added key identity security features directly into Chrome for our enterprise customers globally.
We have extended that for popular desktops and mobile OSs, so that we can embed threat detection and posture management, again, directly into Android and Chrome OS, and now with Google Workspace, a partnership that we launched last year, we are seeing great traction with prospects and customers. Now, customers see security and user benefits of having communication collaboration apps, such as Gmail, Drive, Docs, and Meet, that, you know, people know, love, effortlessly and safely accessible with the leading identity provider, Okta, and I'm really excited to see the latest ongoing effort with Google Cloud and our security offerings, such as Google Security Operations, so that we can fundamentally bolster security across the board for customers wherever they are, and so as industry leaders, we now have to set the bar and keep the bar high.
Like Okta, Google is a huge proponent of identity standards, and to get security right, we all know we need to get identity right. Vendors and app developers cannot let their silos and proprietary approaches get in the way of securing our shared customers. We all need to do more to ensure security before, at, and after the login process, so that right people can access the right resources at the right time. At Google, our DNA has allowed us to lead in these areas over the last few decades, but overall, the industry needs this, and I think more importantly, the audience here, our customers, need this and should be demanding this. We look forward to our further collaboration and alignment with the new OpenID Working Group, which has already done some amazing work together. I'm really excited about the journey ahead.
Thank you again for having me at your event. Enjoy the rest of the show, and back to you, Todd.
It's great hearing from Sunil, and we love working with Google. When I talk to companies, software companies and technology companies, large and small, about this mission of eliminating identity-based attacks, the conversation is never about the why. The why is incredibly clear. It's always about the how. How do we do this? So IPSIE is a collaborative effort across the whole industry to clarify the how and move forward rapidly toward solving these problems. So we've heard from one of the largest companies in the world, from their perspective. Now, next, we're very lucky to have someone to have a conversation with, a customer of Okta, who's also a software company, so it's an interesting perspective into all these ideas we're talking about. So please welcome the Chief Information Officer of Workday, Rani Johnson.
Sorry I didn't run out here.
No worries, yeah. Well, I got a little out of breath, so thanks for joining us. How does Workday think about application security, and how does this fit into the way you think about Workday and its opportunities and its internal infrastructure and-
At Workday, we are simply obsessed with creating delightful user experiences for both our customers and our employees, and we understand that securing those user experiences are, frankly, table stakes. We believe that security should be intuitive, slightly invisible, and seamlessly integrated with how users interact with our applications. This is why we're constantly evaluating security capabilities like identity governance, passwordless, and privileged access management. We believe that security and user experience have to go hand in hand, and if security is cumbersome or in any way intrusive, people will find ways to circumvent it. Not you good people in IT and security, but everybody else. This is why we're striving to make security so user friendly that it becomes second nature.
At Workday, we manage the sensitive data for over 10,000 customers and millions of workers, and security has to be at the foundation of trust in our platform, so security is a non-negotiable.
Yeah, talk about someone that understands internal security and hardened corporate infrastructure. So, the internal governance rollout, pretty easy? I liked your term, "slightly invisible.
Slightly. Gotta know it's there.
I heard Rani was telling me backstage that their rollout of identity governance is going very well, so I'm excited about that. We don't want to comment until it's completely done, I understand.
Feeling good about it, though, Todd.
What do you... I'm sure in the technology world, you've heard about standardization and some standards work and take off. What do you think about this idea of trying to standardize identity security?
As an IT professional, we know standardization is the right answer, but also, as a long-time customer, we are constantly impressed by Okta's ability to manage identity at scale. We're internally focusing our use of Okta to encompass more identity profiles. For us, we're trying to get off, frankly, Active Directory and security groups-
Sorry about that.
Yeah.
If we would've worked harder, it would've happened already.
It's a lot of work, but we're on the path. And we're focusing on automating onboarding and off-boarding. You talked about that a little bit earlier. For us, it's provisioning access just in time. We have also leveraged some insights from Okta to actually do license reclamation-
Yeah
... so that we're also not over-licensing our workers. And then, most importantly, we're streamlining visibility, making sure that we've got identity analytics. And as you mentioned, I'm super proud of this, we only rolled out OIG recently around our user access reviews. But the folks in Workday's security and IT teams will tell you, when we did that just a month ago, we included for the first time, applications that were under SOX control, so not just those with a security objective, but those with a compliance objective. And so this is around, like, literally, like, our Salesforce environments and our Workday environments.
Rolling out those UARs, we did that with significantly less manual intervention, less headache on our side, but we were successful, and I'm going to just tell the truth on this, too. We automated the escalation of, frankly, telling your boss via Slack that you hadn't done your UAR, and we did the threat of, frankly, the reclamation, and we actually had significantly more success with much less intervention. So we're really excited.
Oh, that's amazing. I love it, yeah. I'm smiling up here when I listen to you talk because I'm just thinking of selling technology to another technology company, a company which has, you know, great products and great user experience. The bar is always very high. So I'm glad to hear that it's going well. What about for customers? What do you think this could... the customers of Workday, because you're the CIO of Workday, but also, obviously, Workday has a very strong presence in the market, delivering HR and financial management and the whole platform of products. What do you think this means for customers?
Well, well, standardization, just frankly, it simplifies administration, but more importantly, it enhances security for our customers. It enables the authoritative source of identity for authentication and helps us to achieve and enforce our security and compliance objectives. We have been advocating for our customers' use of MFA for a really long time now. We are moving to the stage of enforcing MFA across our customer environments. We know that our customers should have stronger protection for employee data. It's our responsibility at Workday to ensure that only authorized individuals access this important and sensitive data, and our reputation depends on it.
Yeah, it's kind of like what I was talking earlier about Expert Assist. If it's our... I mean, we think about it as our fault if Okta's not set up right.
Yep.
I mean, technically, you know, a customer has to help us, but we don't want to say, like, "Oh, it's your problem." We want to help them.
Exactly.
So looking forward, when we're back here next year, we're already booking you for next year, you're so good up here. What are we gonna be talking about? What's next for identity security at Workday?
So first of all, I'm a huge introvert and a big old nerd, so this is hard.
Yeah, exactly. You're doing great.
I've got coworkers.
Don't worry about it. You're doing great.
I appreciate it.
You can't see anyone out there anyways. The lights are too bright, so.... There's like, you know, only a few rows deep.
It helps, so we're focused on enhancing our identity strategy in a few key areas. The first one is passwordless. We obviously want to make a better user experience and make security kind of seamless for our employees. But the more interesting one for us is really contextual access. We're moving beyond basic role-based access control to create a more dynamic, context-aware approach, considering factors like location, your device MAC address, or frankly, even the time of day, to make sure that the access is appropriate when you're trying to gain it.
Yeah.
You can't go to a user conference without saying AI, so check. We're also-
This is a record. We're like 35 minutes in. I said AI agent, so yeah.
Okay. So it's a two, and if you're taking a shot every time you say AI, you'll be drunk by the end of the day. So we're deploying AI-powered identity analytics to proactively identify and mitigate threats and, frankly, help stay aware of potential vulnerabilities. We're aiming to create truly frictionless, secure identity experiences that empower the employee and strengthen our overall security posture. And for what's next for Workday, we are continuing to define the future of work, and when it comes to AI, we are not new to this at Workday. We have been true to this for over a decade. Our next generation of AI, we're calling Workday Illuminate, is taking us beyond task automation and to true transformation. It's...
Imagine that our AI will act as like a personal coach, that's accelerating the employee's performance, freeing workers to focus on meaningful, impactful tasks and reducing the kind of burden of kind of redundant work, really elevating human potential. We're aiming to move business forever forward, and we're excited to partner with Okta on defining and shaping the future of work.
Yeah, we're thrilled to have you. Thank you so much. The perspective is super valuable. Rani Johnson, everyone.
Thank you, Todd.
The issue of identity security standardization, it's a real problem, a problem impacting all of us today. Now let's learn about a customer that's taking this problem and turning it into opportunity.
Healthcare is a very complicated business, but healthcare is always very personal. We have 35 million people logging into our systems, looking for updates on their claims, their benefits, trying to understand their personal health journey. They're in every continent around the world. We also have over 140,000 employees who log into our system servicing those members.
During our open enrollment times in January, we want to make sure that the last thing that any of our employees, our customers, our providers, our members ever have to think about is security.
If the identity system is down for any point in that period, customers can't log into their applications. They can't log in to enroll in our services.
Managing multiple legacy solutions at high-volume times was presenting real challenges for us.
The security challenges in the healthcare industry. It's almost a weekly barrage of news around companies being breached.
We should be doing what we do best, which is healthcare services, not identity and access management.
That put a significant emphasis on what Cigna needed to do to protect our customers.
We were not actually expecting to leverage Okta at the scale we did. Every time we saw a problem that required an identity and access management solution, we had one ready to go.
Putting the operational maintenance in Okta's hands, as opposed to our hands, has been transformational.
One of the most important things for me was that we made this easy for our developers.
Trying to roll out MFA to 35 million customers, the Okta Customer Identity Cloud, it simplified that entire experience.
Okta has enabled us to really focus on a single team that gets really good at identity.
The services that we deliver from a workforce perspective are extremely vast, and that's something that Okta's really helped drive with us.
If I ask a question, "Do you know who logged in where, what time, and how?" The answer is yes now. It's made my job as a governance lead a lot easier.
Whether it's Customer Identity Cloud or whether it's Workforce, we're all becoming really good at delivering with Okta's services.
It's been able to give us a very single-focused platform to deliver a global identity experience to the entire organization at Cigna.
Our job is to make sure that, when someone has something they're worried about, when it is related to their health and vitality, you should be thinking about what's on the other side of that login screen, not the login screen itself. Okta has taken that worry off the table.
Okta has made it possible for Cigna to strengthen the trust that our customers have in us and strengthen the trust that Cigna is protecting their data in a secure fashion and in a secure model. That really helps to solidify the relationships and the services that we're trying to deliver our customers.
It's only really possible with Okta.
That's right, Cigna, Fortune 15, one-five company, using Okta to innovate across healthcare. To show you this in more detail, please welcome two leaders from Okta's product marketing team, Harish Peri and Jenn Vicario.
So Todd was sprinting. I figured I would hop and skip, but that didn't work out. How are we doing, Okta? Are we having fun yet? There we go. That's what I'm talking about. So as you saw in that video about our amazing customer, Cigna, open enrollment is a critical time for them. They have millions and millions of customers accessing their system to conduct very sensitive transactions.
The security risk on that company is incredibly high. So for the next few minutes, we are going to take you on a journey. We're going to show you a demo of how Okta secures every part of Cigna, every app, every interaction, every touch point, everything. And we're going to show this to you from four perspectives. The first is that of an IT administrator. The second is that of a customer service rep, an employee. The third is a developer working on the myCigna application, and the fourth is a healthcare customer actually using that app during open enrollment. So let's get going. Let's start with the IT admin. Cigna's admins have to manage thousands and thousands of applications, every single one of which has its own governance, its own entitlements, its own access policies. It's very complex. It's a lot of work for these admins.
Let's take a look at their ecosystem. What's already great about this is that many of their apps already support the secure identity integrations that you heard Todd talk about, which means, of course, they're secure, but it also gives the admins visibility into what's going on. You have apps like Zscaler that support risk signal sharing, and you have apps like Salesforce that support SSO, MFA, entitlements, lifecycle management, signal sharing, and Universal Logout . Pretty powerful stuff. But beyond just making things secure, these integrations also let their admins do their own jobs better and faster, so they can focus their efforts on supporting Cigna during open enrollment. That's what counts. But that's only one part of this. To further protect Cigna, these integrations also give their admins unprecedented visibility into identity risks across their ecosystem. This is Identity Security Posture Management, or ISPM.
This is a phenomenal capability that shows their admins identity risks from across their entire enterprise. Risks like unused accounts, admin sprawl, bad password hygiene, just to name a few. But it gets better. The admins can click into a specific kind of risk and actually see the users that have that risks. But wait, it gets better! They can actually click into a specific user, and this is my favorite part. This is my favorite part. I'm biased, but it's my favorite part. This shows the admins the access graph. At a user level, what that user has access to and how they have access to it. Very, very powerful stuff. But where it gets really, really good is the admins can actually take a remediation action directly from ISPM. This takes them to Governance Analyzer with Okta AI.
What Governance Analyzer does is bring together vast amounts of data from the ecosystem to create a highly targeted recommendation of what to do with a specific entitlement problem. In this case, it's recommending that we revoke that user's access. I want to remind everyone what we just saw. We saw a macro-level view of identity security and a micro-targeted surgical recommendation of how to fix a specific user problem. That is identity security in one place. Extremely powerful stuff, and that's the admin side of things. Thank you. Yes, yes, yes. That's what I'm talking about. If you know, you know. Now, that's the admin side. Now, when we keep this journey moving, let's see what this looks like for an employee who's onboarding themselves into Cigna to get productive securely on day one, and for that, I'm going to pass it off to my friend, Jenn.
Hi, everyone. It's my first day as a customer service representative, hired to help during open enrollment period, and because this is such a busy time for Cigna, it's imperative that I securely get access to all my apps, so I can be productive on day one. With this welcome email, I can begin activating my account without waiting for IT approvals. Instead, I can use a seamless self-onboarding flow using secure ID proofing. Now, if we proceed here, it's already kicking off the ID verification process using CLEAR, which is possible because of CLEAR's deep integrations with Okta, and as I proceed, I already have a CLEAR account, so all I have to do is type in some basic information, like entering a code here and taking a selfie for Face ID. Now, let's hope they caught my good side.
Now, as we proceed, I can log in to the Okta dashboard, where I already have access to all my essential applications to be productive day one. But that's not all. I can request access to additional applications and privileged resources on behalf of myself and others, simply by inputting some basic information here, and we'll be able to get that up and running pretty quickly. Now, what we've just seen here is the future of onboarding, and it's here today. From my initial onboarding flow to birthright access, to entitlements and Universal Login that the IT admin configured, Okta can help Cigna ensure that the right user gets the right access at the right time, fast and easy. Back to you, Harish.
Thank you so much, Jenn. That was pretty cool. We saw an administrator securing their applications, and we saw an employee getting onboarded quickly. Let's keep this journey moving. Let's see what it's like for an actual developer securing the myCigna app. Now, Cigna's developers, during open enrollment, are dealing with one of the most notorious kind of risks: bots. Bots are on the rise, and they are on the hunt for sensitive data, exactly like you would see in open enrollment. Well, with Auth0, Cigna's developer can embed bot detection directly into the myCigna app without having to write a lot of code. It's highly configurable, and it uses a tremendous amount of collective intelligence to help determine what's a bot and what's not.... So that's bot detection. But there's one more thing.
Our developer here can also ensure that the users of the Cigna app actually have the right authorization to access the right kind of data, and this is where Fine-Grained Authorization , or FGA, comes in. They can very easily model complex relationships like beneficiary and dependent, which is key to open enrollment, and again, ensure that only the right users access the right kind of data. And just like that, our developer was able to secure their app against bots and also make sure that user access to data is controlled in the right way. Now, let's close out this journey. Let's see what it's like for an actual healthcare customer accessing the myCigna application during open enrollment. Let's see what their experience is like. For that, back to you, Jenn.
Now, I need to log in to finish my open enrollment, and as I do so, Auth0 is checking for bots in real time to make sure that my account doesn't get breached and that I am indeed a human being. And it looks like I have a new message. Let's see what it says. Hmm, it's the Cigna AI chatbot, and it's asking if I want to update the address of one of my dependents because it noticed an address change in the app that we use to manage prescriptions. This is possible because I have previously authorized this chatbot to take this type of action on my behalf. And under the covers, this chatbot is powered by Auth for GenAI, which helps secure the identity of GenAI applications.
I'm able to view all this information of my dependent because of the fine-grained authorization model we just saw the developer configure. Since it's a bot acting on my behalf, we can use async authentication to verify with a human. Now, I'll go ahead and approve this flow, and I'll use my phone for that last verification here. I'll approve that and use Face ID. That was pretty easy. Now, back to you, Harish.
Thank you so much, Jenn. We covered a lot, so let's recap. We saw how administrators and developers can embed security deeply into every part of Cigna's ecosystem, and we saw how customers and employees can benefit from that security without sacrificing user experience. When you step back, and when you bring all of this together, this is what it really means to free everyone to safely use any technology. Thank you. Back to you, Todd.
All right. Thanks, Harish. Thanks, Jenn. It's great to see the power of Okta in action at Cigna. Cigna team here, thank you. Thank you very much for being such a great partner. Now, you can hear about all of these incredible products throughout our keynotes today. Our ability to build these innovative products is deeply dependent on our interactions and our feedback from you, and this has been one of Okta's core strengths and values since our earliest days. In fact, when we first got into the customer identity business, it was because customers were asking us to use our workforce identity products for customer use cases. So we're always listening and adjusting and trying to make things better. Since 2022, after the acquisition of Auth0, we focused our customer identity innovation there, and many of you, including Workday and Cigna, use Customer Identity Solution.
As you know, we're committed to supporting and maintaining this forever. In fact, it shares 80% of the code with the Workforce Identity Cloud, so you've seen a steady stream of updates just by the fact that it's on the same platform. We've also added critical enhancements based on customer demand as well. In the past two years, I've had many, many conversations with customers about their visions and their requirements for innovation and customer identity, and it's been clear that they were pretty worried about having to migrate to Auth0 or the cost and complexity of that. After hearing this feedback, I'm very happy to share that we are accelerating investment in the Customer Identity Solution. That means... What does that mean? That means more innovation and more new capabilities.
It means we're going to be sharing a roadmap with regular updates so you can plan accordingly. In fact, the first version of this, or the first discussion of this, will be in the Customer Identity Solution roadmap session later tomorrow afternoon. So both Customer Identity Solution and Auth0 are critical, critical parts of our future, and each will have their own specific roadmap with regular updates, so you can so you can have a very clear idea of where they're going, and you can plan accordingly. We believe that customer identity is very broad and diverse, and we want you to be able to choose the right solution for you, and we're here to support you. Because everything we do comes down to making you successful.
From Wyndham to JetBlue to MLS, to Siemens, to Zoom, to Mars, to over 19,300 customers around the world, they rely on Okta every day to secure access for their workforce and their customers. We don't take that lightly. We're honored to serve you and working hard to do it. So wherever your business is headed, Okta makes that possible, and this shows up in our numbers. We're the largest independent and neutral identity company, which just blows me away every time I say it. Our customer base covers over 40% of the Global 2000 and 60% of the Fortune 500. We have the industry's broadest and deepest set of integrations with the Okta Integration Network, with over 7,000, and you can see today we're enhancing and innovating and driving the industry to make that even better.
Every month, we have a billion unique users across our two clouds. Now, let's hear from the leaders of those two clouds. First up, to talk more about the unified security solution for the Workforce Identity Cloud, is the Chief Product Officer of the Workforce Identity Cloud, and also the best-dressed man at Okta seven years in a row, Arnab Bose.
Thanks for that intro. Thank you, Todd. It's so inspirational to hear the success stories of customers like Cigna and Workday, businesses which are making identity the backbone of their security strategy. Every company must adopt a similar strategy because today, identity is the security perimeter. When engineering teams spin up new AI models, they're looking to unlock business outcomes, like accelerating clinical trials for a new vaccine or automating customer engagements via support agents. But us, in this room, what we see is machine identity sprawling, over-permissioning, and chances for lateral movement. And when an employee gets a voicemail from an executive asking for help, they think they're earning brownie points.
Hey, it's Todd. I left my phone in the car while going to this customer lunch, and I can't check my email. One of our investors is forwarding you a document I need ASAP. Can you download it and text some screenshots to this number? I'll owe you big time.
Cool. Now, I've worked for Todd for over five years, and I know he doesn't need slides to get a customer meeting right, but that deep fake was pretty realistic, right? What we are seeing is bad actors getting savvier and savvier, and securing our our workforce, getting harder and harder every day. We see more attacks than we did just a year ago, 180% more, in fact, and it's taking organizations over 290 days to recognize and contain a breach. That is why we need every layer of the tech stack to support an open standard like IPSIE. Imagine a world where your whole tech ecosystem conforms to the IPSIE standard. It will provide the strongest level of identity security before, during, and after authentication. Before authentication, you can discover and remediate risky identity misconfigurations.
During authentication, you can achieve outcomes like end-to-end phishing resistance, device-bound sessions, and getting to zero standing privileges for both humans and non-human accounts. And after authentication, you'll be able to continuously listen for risk signals across your entire enterprise and terminate sessions with Universal Logout. The future of identity security is powered by the IPSIE standard, and the good news is, we are well on our way to achieving this vision today. Let's take a closer look at how we secure each of these three phases and how we are innovating to give you even more control. Before authentication, customers need to discover identity misconfigurations, like partially off-boarded users or inconsistent MFA.
You saw this in the demo we showcased before, ISPM showing you that user access graph, where even though you might have that application behind SSO, that same user has direct access to the application through other means. ISPM integrates to major cloud vendors, IdPs, and more to uncover risks fast. In this phase, you also need to discover and remediate excessive standing privileges and take actions to rightsize these entitlements. However, managers and approvers don't have all of the risk context. They're being asked to approve these access requests without all of the data to make the right decision at the right time. This is a problem you'll be able to address with Governance Analyzer with Okta AI.
Customers will be able to leverage the full power of Okta's platform, from device posture assessments to relationship data, and past governance decisions as well, to get real-time recommendations to get authorization right. And as apps adopt the IPSIE standard, Governance Analyzer will get even better because it'll get plugged in to every single application in your tech stack. Now, our end-to-end use cases don't just stop with applications. You might think that setting up single sign-on for an application is what you need to secure access to it, but every SaaS application or cloud-based product also has break glass accounts or admin accounts to set up the config in the first place. If we don't pay attention, these accounts can easily go unprotected and be a way to bypass your security checks. Meet Secure SaaS Service Accounts.
Now, you can discover, vault, automatically rotate, and manage these service accounts with Okta. And as... Woo! Yeah, there you go. It fired up.... And again, as the IPSIE protocol becomes more widely adopted, discovering SaaS service accounts will be easier than ever, and again, your whole tech stack, every application in your tech stack, will start supporting this awesome capability. Now, let's take a look at how we're enhancing security at the point of authentication. Okta has long led the way by supporting phishing-resistant authentication with Okta FastPass across Mac, Windows, iOS, and Android devices, and in early 2025, we'll start supporting Linux machines as well. But think about how you unlock your actual Windows or Mac computer. In most enterprises, this remains the final frontier where using a password is sufficient.
Last year, we announced Okta Device Access to help customers secure their machines and ensure that security starts at power-up. Over the summer, we took things even further by adding passwordless, phishing-resistant authentication to Windows and Mac devices using FIDO2. Today, I'm excited to announce that we're taking this journey even further with a new capability called Extended Device Single Sign-On. Awesome. So much excitement, I haven't even told you guys what it does, but let's get into it. What Extended Device Single Sign-On does is it improves outcomes in two major ways. First, from a security perspective, it ties the Okta session directly to the device using a hardware-protected key that's secured on a hardware chip on the device itself. This means that the Okta session is bound to that specific authorized device and cannot be replayed anywhere else.
From an end user's perspective, you'll simply sign into your machine, and from that point in time onwards, you're already signed into Okta. All your downstream applications will be automatically logged in, and at every login, we are constantly reassessing all your security risk signals, so in case something does change, we can step you up at that particular point in time. Not only is it faster and better for your end users, it is more secure end to end. Now, speaking about active sessions, let's take a look at security post-authentication. This is where Identity Threat Protection with Okta AI comes in. We announced it at Oktane last year, we made it generally available over the summer, and throughout the course of this year, we've been adding even more integrations.
Leveraging real-time signals from Okta and the rest of your security stack, ITP continuously evaluates the risk of an end user session and takes actions to contain threats. Leading security providers like CrowdStrike, Jamf, Palo Alto Networks, and Zscaler already integrate with Okta using an open standard called Shared Signals Framework and trigger powerful inline responses, such as Universal Logout , if a high-risk situation is detected. And now, we've continued to expand our network of partners that share risk signals. We've added Rubrik, we've added Workspace ONE, and Surf Security, among others. We are also working with a number of applications that are highly adopted in the enterprise and have extended Universal Logout to PagerDuty, Zendesk, and Dropbox. And any application built with Okta's Customer Identity Cloud will automatically support Universal Logout as well going forward.
These are some examples of the deep integrations we've already built with the most prominent enterprise technologies. Todd talked about secure identity integrations. What we've done is, it's not just for Universal Logout or shared signals. Across the entire identity security process, before, during, and after, we've been going ahead and hand-cranking these integrations, working with tech partners to help make your businesses safe. In fact, over 125 deep integrations are available for our workforce customers today. Applications like Google Workspace, Salesforce, Slack, Box, Microsoft 365, I could go on and on, but we've been, like, laser-focused trying to ensure that we can raise your security bar and support your entire stack. So let's bring this back to three key security outcomes from a workforce customer perspective. First, we want you to take back control of your identity security posture.
Second, implement the principle of least privilege with products like governance and privileged access management. And finally, continuously monitor and remediate identity threats in real time. All of this is made possible not just with the products, but with the deep integrations we've built throughout the tech ecosystem, and these integrations are only going to become easier to use and more widely adopted as the IPSIE standard takes off. This is just a preview of all the exciting innovation that we are introducing to make our customers even more secure. You are not going to want to miss the Workforce Identity Cloud keynote at 2:00 P.M. this afternoon, where we'll go deeper into our unified identity solution, share even more innovation, and you'll get to see it all in action. And now, please welcome the President of Customer Identity Cloud, Shiv Ramji.
Hello, Oktane. Good morning. How's everybody doing? Good. Thank you, Arnab. Here at Okta, we're building for every identity use case and for every part of the business, from IT and security teams to marketing and digital teams, and of course, the product and engineering teams. That's because customer identity isn't just about usernames and passwords. It's where security meets revenue, where your brand meets your bottom line, and where trust fuels growth. Now, think about that. Developers are not just building applications. With each line of code, they are shaping security, revenue, and business growth. It's a tall order. It's a tall order, considering customer identity impacts everyone in this room and most people on this planet. When done right, it powers convenient, secure experiences for billions.
That's why embedding IPSIE into every application is so critical, to help every single application builder build faster, without compromises, with continuous authentication, automated provisioning, and integrations all right out of the box. Now, we know developers are under more pressure than ever to deliver more and deliver faster, and many of you in this room are building applications that power our businesses and our personal lives, and you face real challenges as application builders: integration complexities, scalability issues, and adoption hurdles. When you build an application with Customer Identity Cloud, you will get IPSIE out of the box. It starts with giving SaaS application builders the tools to streamline onboarding and provisioning, a key part of IPSIE. Today, each application uses different APIs for user management, and developers are forced to spend hours building custom solutions, increasing the risk of human error, orphaned accounts, and unauthorized access.
With IPSIE, every application will be built with the ability to automate the provisioning and deprovisioning of users. This will be powered by SCIM, also a key part of IPSIE. Now, not only does SCIM boost application security, but it also frees up developers so they can get right back to building. And we aren't stopping there. Next year, we will launch self-service SCIM. Yes. With it, you can send your customers' IT administrators a link to a setup wizard, allowing them to configure SCIM on their own. Now, single sign-on has become a core security requirement for SaaS applications. However, some organizations are finding that up to 80% of SaaS applications used by their employees are not in their SSO portals. It's just one more reason we need a common identity security standard. Now, self-service SSO will help accelerate the adoption of SSO in every application.
Business customers can set up and configure SSO in their own tenants according to their security policies and on their own timeline. With it, onboarding new users becomes more secure, and organizations don't need to rely on your developer or IT teams. Now, onboarding is just the beginning. You're also expected to protect the entire digital journey, and we hear from our customers across industries and across sizes, "I don't want my developers to be the last line of defense." And we hear from developers, "I didn't sign up to be a security expert." And as application builders ourselves, we get it. We envision a future where every app detects risk changes and potential attacks, enabling businesses to log users out of all sessions, across all applications and all devices. Universal Logout will power this visibility and response, and you don't need to build it yourself.
This, too, will be part of IPSIE. But what about authorization? Earlier this year, we introduced Okta Fine-Grained Authorization, or FGA. It's authorization as a service that centralizes the authorization logic, making it easy to implement and evolve access policies for any of your applications, and authorization is traditionally focused on human users, but with AI integration in applications, managing AI is essential. Now, Okta FGA dynamically adjusts access levels for both human and non-human users, ensuring that everyone and everything has the right access. As AI evolves, so do attackers' tactics, including new methods for faking identities and credentials. This is why we are excited to share today that we support leading ID proofing integrations. Now, before I wrap up, I want to tell you one more thing. Here at Okta, we truly believe in the power of AI to improve the ways we live and work.
Businesses are sprinting to add AI, more specifically, generative AI, to their applications, but there is no blueprint for doing so securely. Now, over the next decade, we believe we will see the rise of a huge AI agent ecosystem, large networks of interconnected AI programs that integrate into different applications and act autonomously on our behalf. To realize a world where AI helps us daily, managing tasks and making decisions on our behalf, we must empower builders to securely integrate generative AI into their applications. This is where Okta can help. Auth for GenAI makes it easier for you to build generative AI applications securely. It is a ser- Thank you.
It is a series of features to help ensure that AI agents have least privileged access to sensitive data, secure API access for AI agents, and implement human-in-the-loop processes for AI agents to take action on behalf of users. In the Customer Identity Cloud keynote later today, I'll be walking through a demo of Auth for GenAI to show you how all of these features work together. I hope to see you all there. You'll also see more exciting product announcements and demos, and hear from our customers, Siemens and Major League Soccer. Make sure you are there. Thank you so much. Back to you, Todd.
All right, thanks, Shiv and Arnab. To free everyone to safely use any technology, we have to solve the problem of identity-based attacks. It's the only way we can help the entire industry by working together. Come on, tech companies, identity providers, all of us focus on this common goal that's going to have a huge impact on the world. As we wrap up, here are all the innovations we announced today. You can see it all in one place. Thank you so much to the R&D teams that have been working on all this stuff. I am fired up about where we're going. It's going to be a lot of hard work, but at Okta, we love a challenge. We don't shy away, we lean in, and we're going to get back to work. We have a great foundation to build on.
It's a foundation we've built together, so give yourselves a round of applause. Thank you very, very much for being here today and being on this journey with us. Please enjoy Oktane.
Hello, welcome to my virtual session. My name is Shobha Siddigonde, I'm the Software Engineering Director here at Elsevier. In today's session, I'll be talking about how at Elsevier, we are improving the user access experience via Shared Identity. If you're watching this live, I'm actually available to take any questions online, so please feel free to post your questions in the chat. What is Shared Identity, and what does it mean for us at Elsevier? Shared Identity is an initiative that we have rolled out in the company, and it is revolutionizing the way users experience as they are navigating from product to product, accessing different educational content. The experience we are offering them is by providing a unique identifier that is seamless, frictionless, and secure.
How we have been able to accomplish this is by developing a new architecture framework that's an integration of both Keycloak and Auth0. What we aim to achieve with this initiative is provide the users a unified identity... create a lifelong progressive profile and offer the users a seamless, flexible, and also a forward-looking login experience. Why does it matter to us so much about shared identity? Is due to three main reasons. First one being a seamless user experience leads to higher user satisfaction. Think about a single sign-on system wherein users have to log in just once, and they can access different products. It cuts down the time users have to log in to different systems. It also makes their experience smooth. The second reason why shared identity matters is the consistency in this identity management reduces friction.
Imagine a user having multiple username and password for different systems. The experience of logging into the different systems with these multiple credentials is not only frustrating, but it can also lead to errors. What we are offering users with the shared identity is this consistent identity management that takes away the friction, make their life hassle-free as they're accessing products. The third and the most important reason why it matters to us is because of the enhanced security that it has to offer. It protects both the users and the organization. A single security breach can have massive impact on the company and the users. With a shared identity platform, we are offering users this secure and robust product, which they can access without having to worry about multiple credentials, multiple logins, and with no security breach.
Before I start discussing about the implementation of shared identity, I wanna touch a little bit on the company, who we are, what we do, our history, and why we are on the path of shared identity. Some of you might have read books and journals published by Elsevier. If you are in the field of science and technology, you might know us as a science and medical publisher, but we really are a global information analytics business, and we specialize in helping institutions and professionals progress science, advance healthcare, and also improve performance. The numbers that you see on the right are the stats of how we are performing in this segment. The number of journals that we have published, the number of e-book titles that's available, and the millions of COVID-19 content that's been downloaded.
Aside from all of these stats, what I do wanna highlight is Elsevier is also part of RELX Group, and RELX is in top 10 of FTSE Share Index. Let's look at the history of Elsevier. The company was founded in 1880. We got into science publishing, entered the technology field. We had several acquisitions and mergers, entered the digital age, and in 2013 is when we got into information analytics. Over the course of the period, we have launched several of our flagship products, like ScienceDirect, Scopus, Reaxys, ClinicalKey. We've also acquired products like HESI. Unfortunately, where we are today is each of these products are on their own identity solution, which takes me to the vision of Elsevier, which is One Elsevier, and that is the shared identity that I'm talking about in my presentation.
Our mission is to provide users a frictionless and secure access to all the products in the company. The problem that we are currently targeting to focus on is geared towards our students. We want to help these healthcare professionals provide a technology that is as efficient as they are. We want this technology to be intuitive, device-friendly, and it delivers the content fast with seamless results. Why we think our customers should believe in our vision is because of the user experience that it has to offer to them, which is frictionless, it's flexible, we offer several login experience for the users, it's fast, easy to access, requires less frequent logins. And think about the different education content, the course material, trainings which students have to access, that they have either purchased with their individual subscription or with institutions. The access is all going to be seamless.
The benefits here is threefold. It's going to benefit us as a company, where we are going to show improvement in upsell and resell of the products. For students, we are making their life easy as they are searching the content that they want to access by making it all available in one place with a single sign-on experience. They can save time by not having to log in multiple times, and instead focus their time on education. Institutions are also benefiting with our vision, is where they are cutting down on the time that they have to spend resolving access issues. Instead, they can focus their time on their core mission, which is educating their students. Let's take a look at the architecture of the identity platform and zoom in on the center green box. You'll see a Auth0 logo here, and that is our identity provider.
We have coupled that with Keycloak as federation and access system. Together, this identity platform can not only authenticate users who are stored in Auth0, but it can also federate users who are coming in through external IdPs or if they are coming into social providers like Google, Facebook, Apple. Once these users are authenticated, they can access our education products like Osmosis, eBooks +, Complete Anatomy, ClinicalKey Student, all with a single sign-on experience. Once the users are authenticated, the access to the content that they are entitled is, however, managed in a different entitlement system, and that is integrated with the same identity platform. We also have couple of consoles, administrative tools used by internal and external admins, which is again integrated with the same identity platform.
These are the apps that the admins would use to manage their students, their organizations, the subscriptions associated with the organizations. I want to walk you all through the essential user journeys that we have developed using Auth0. I'll run this video, watch it, and then we'll come back to talk about the screens that we have developed. These are some of the essential user journeys that we have developed with Auth0. Some of them are custom screens, whereas most of them are the screens that's provided by Auth0's out-of-the-box features. What you're looking at here is the new ID registration journey. The screens that we have developed lets the user to register themselves, create a new account for the very first time. The user comes in, enters their email and password. The password is verified whether to meet Elsevier's standard password policy.
You'll also notice Elsevier branding. We have implemented our style guidelines, and the custom screen that you notice for this registration flow is the Check Your Inbox screen, wherein the user, after registration, is given a message to check their email to complete their registration by clicking the activation link. Few other screens that I'm going to walk us through are the Forgot Password journey. A user forgets their password, and it takes them through the screen where they enter the email, and that's the email where they'll receive a link to reset their password. Similar to the Forgot Password journey, we have the Blocked Account journey. A user enters incorrect email or password five times, the account get blocked, and we give them an email letting them know that their account has been blocked, and it's time to run through the Forgot Password journey.
This is the Sign-In journey, which handles two kinds of users: a user with individual subscription and a user associated with an institution. For a user with individual subscription, they can enter their username and password, and they are logged in. For a user associated with an institution, when they enter their email, we identify the institution they're associated with, and we redirect the user to the institution based on the domain of the email. All this is done through Auth0's Home Realm Discovery feature. As you watched the video, you would have noticed that some of the screens are custom-developed. You'll notice a lot of branding on the screen that is, Elsevier-focused. We have implemented Elsevier's style guides. The password requirements is as per Elsevier's policy.
So there is a lot of customizations that's gone into developing these screens, the flows, and making the flows as seamless and taking away the friction of users having to understand what each screen means. We are providing the guidance that they need as they're walking from one screen to another, either during the registration, password reset, or their first time of signing in journeys. We've started our identity journey with student as our key customer. However, the target state where we want to position ourselves is using the same identity of a user who started their medical journey as a student, and take this student through the different career path as they enter the profession of medicine, and they might change their roles in their profession, and at some point in their life, retire.
They'll be accessing different educational content and different content that's related to the profession that they will use in their day-to-day practice. We want to offer the user the same unified, seamless experience, being able to do the single sign-on and access different products of Elsevier seamlessly, secure, and with no friction. That is our target state, and that is the vision of Elsevier. This takes me to the end of the presentation, where I want to really highlight on the benefits of shared identity and how we have been able to empower Elsevier to provide a seamless, secure, and scalable access experience. The call to action here is, take the first step towards adopting a shared identity and elevate your user access experience. Invest in tools like Auth0 and future-proof your authentication system. Thank you for listening in.
If you have any questions, please feel free to post it in the chat, and I'll be more than happy to take those. Thanks again. Have a good day.
Identity has never been more important for securing the world we live in. Bad actors aren't breaking in anymore, they're logging in. To get security right, you have to get identity right. It's possible. It's Okta.
Hey! Well, thanks for joining us, everyone, for the fireside chat that we're having today, where Mars are going to discuss the passwordless journey that they've been on, and also the part that Okta has played in that as well. My name's Geoff Aldersey . I've had the absolute pleasure of working with the Mars team for the last few years, and that partnership and with that has pretty much I've been like a business partner with Mars as well. I can see that you're all looking forward to hearing about Mars' experiences on that journey. So we'll just initially introduce ourselves, so.
Good morning, everybody. Thanks for joining us today. Happy to take you on the journey with us. I'm Matt Pecorelli. I'm the Deputy CISO for Mars Incorporated, and I'd like to turn over my team to introduce themselves as well.
Good morning. Good morning, everyone, and really appreciate you guys coming here to hear from us our journey on the passwordless mission. I'm Santhosh Hegde, and I globally lead the product engineering organization for Mars Petcare.
Good morning, afternoon, evening to people who may be watching online as well. I am Sacha Yankovich. I'm the Identity Director here at Mars.
So before we take you on the journey here. Sorry, that's one slide too far. I wanted to level set a little bit. People know a little bit about Mars by some of our products, but I don't think everybody really appreciates the size and the scale, and I think this will help to underscore the complexity of what we do with Okta. So, and even this slide has aged already. We've been growing pretty rapidly. We're well north of 150,000 associates globally. Still owned and operated by the Mars family, founded in 1911. Operating over 80 countries around the world. We have several different industries.
Of course, the brands that you know and love in our confections business, M&M's, Snickers, Skittles, et cetera, as well as our pet nutrition brands. So, we have a huge pet nutrition business with billion-dollar brands like Royal Canin and Pedigree. We also have a large veterinary services business, now north of three thousand veterinary hospitals around the world. So providing that ecosystem within the pet world. You know, the fact that we're still family-owned and controlled and private also adds a different nuance in the way that we work, and the long-term view that we can take in the investments we make, and in the work we do in the security world, right?
We're constantly trying to think about where we're going to be in two years and in five years, understanding that business trajectory so that we can evolve our program accordingly. So hopefully, that helps to paint a little bit of the size and the scale and the complexity of who we are as Mars, and the interesting journey that we're on passwordless. Back to you, Jeff.
Okay. Thanks, Matt. So from working with Mars, what I've realized is that they are a really very huge, complex business, so they've got a multitude of different use cases that they need to be able to address. So what we'll do is we'll delve into it. And to start with, Matt, what role does identity play in from a general perspective within Mars?
Yeah, I mean, I'm really excited to hear the terminology, the vernacular that's starting to come out in both in the CISO forum we had yesterday, with the Okta leadership team and in what you heard in the keynote today. I really don't think that there's any way you can divorce the concept of security and identity. It has been a fundamental component of how you access the assets and data in any enterprise or in any customer interaction. And how you access the assets and data in any enterprise or in any customer interaction. Us, as security, also one of the true enabling services that we operate.
Most of the rest of it, and I loved the way Rani described that, you know, hopefully, most of security is nearly invisible and behind the scenes, doing what it needs to do to protect you all and our systems and data. But you really don't want it to be intrusive or in the way. Identity is one of those things that can be a true enabler. It's the thing that helps connect you to the assets, at the applications, the productivity that you need as consumers or as employees. And for us, with Mars, we really want to be able to quickly bring in many of our new acquisitions into the fold. Mars is a pretty highly acquisitive company.
All of the various diverse industries we operate in, we're constantly looking for new brands that would work in our portfolio and within our veterinary business, constantly looking for ways to add new hospitals and hospital groups to our team. In order to be able to get those new acquisitions access to the resources to help them grow, we use Okta as one of the first things that helps to bridge that gap.
Okay. No, that's great. And maybe to Santhosh, more from a customer identity perspective, what were some of the key challenges you faced with identity before adopting Okta? And on the other side of that coin, what are the main benefits you have seen or you expect to see?
Yeah, great question. Maybe a quick raise of hands when we talk about a pet care topic, you know, we like to bring our pets to the seats next to you as well. How many of you are pet owners or pet parents?
Wow, that's most of the room, for those of you online.
And for those of you-
You could all be Mars customers, right? So ...
Yeah, I would love to.
Okay.
For those who did not raise their hands, no pressure. And of those, team dog? And team cat? Oh, lovely. And both?
A real customer.
Now, you are truly the audience. Our customer identity is trying to solve for. Imagine through your pet parenting journey, taking your dog to a veterinarian, buying a nutritional food brands for your cat. It's a very complex decision-making along the way, and in today's day and age, you are transacting, interacting with multiple digital touchpoints, whether it is online or in your e-commerce locations or in clinics. And imagine in our landscape, where we are operating over 60 different unique brands within the pet care family, and you as pet parents are interacting with us to remember those 60 passwords while you are interacting with us. It's not fun.
So that's the journey we are on, to make it seamless and bring in a true transformational experience of pet ownership and pet parenting, and that's the mission we are on, and Okta has been on that journey with us, to support the core foundations of identity that comes with how we look at, you know, unlocking true value for our customers through that.
Okay, no, that's great, and I think with the sixty brands, having sixty logins as against one is quite a huge differentiator.
Yeah.
Yeah. Yeah. Turning over to yourself, Sacha, as you're responsible for providing the identity services within Mars, how did you prioritize the challenges that you had with identity, and what were the expected benefits in your decision to implement Okta?
Sure. So from a workforce perspective, we have a number of priorities. Obviously, we want to drive user to increase security posture, the user experience. Challenges we have are around. We don't know all the devices that people have. We have many different types of user personas within the organization. Adoption is a challenge for us, and obviously, benefits for us are obviously, you know, moving to a, you know, more towards a Zero Trust framework, that user experience. Where Okta has come to play for us is, so over the past five, six years, however, we've long had Okta. We've deployed Okta. We've moved all of our SaaS applications into Okta. So, you know, Todd mentioned you had 1,300 Okta. I think we've got over 15,000 applications behind Okta. All of those are Single Sign-On.
They're all using MFA. Our users are seeing, you know, using that on a daily basis and seeing the great value that that's providing to us, but that's kind of a entry-level where we want to be. Then, the other benefit, as Matt mentioned earlier on, we have numerous acquisition companies, so we bring into fold and integrate in those acquisitions within Okta, and enabling Okta as their identity provider, so they can both collaborate and share all the applications that we have within Okta. They can host their applications in Okta, so we can now provide them more security features as well. So it's kind of, it's been building a foundation and getting us ready to move towards that Zero Trust kind of environment.
Then, while we've been doing that, we've also been looking at the complexities that we have as an organization, so we have so many different personas. You know, we've got, I don't know, there's 50, 60 thousand knowledge workers. They may all have their own personal device, but then we've got factory workers, vets, doctors, all different types of workers that are working in a manufacturing environment that can't have a mobile phone with them, or they can't have, you know, their own personal device. They're using shared devices, shared kiosks. How do we bring that kind of passwordless journey to them? Because obviously, you know, they're all using, you know, security questions or low assurance levels, and that's what we want to be able to try to then start moving away from, and this is where Okta will be helping us.
Yeah, and also in, let's say, the veterinary side, et cetera, their biometrics are a challenge 'cause they're PPE'd up, et cetera, for health reasons. So that's-
Yeah, absolutely. We just, you know, there's so many different types of issues we have. I mean, this week, I mean, Friday, we're going down to LA to meet Antech, which is one of our science and diagnostics companies, and we want to see firsthand what they're experiencing, what issues they're having, you know, between moving between device to device, between lab and lab, and how they're interacting, and understand exactly what those users need and what we can provide, and then obviously use the toolings and the services from Okta to be able to enable that much better user experience with through passwordless for them.
Yeah. Yeah.
You saw firsthand last year, Jeff, right?
We, you know, as our customer success rep, you know, we wanted you to be able to experience some of the pain points. And for us, as a team, we all went last year, prior to Oktane, to one of our veterinary hospitals to just sit with them and sort of spend a few hours in their world. And to hear from the vet techs, you know, that need to log into a kiosk to get a lab result or a diagnostic result while they're holding, you know, a squirming puppy in their arm at the same time, makes it really challenging for them to pull for a second factor or to answer a security question. So thinking about those diverse use cases, right?
It's not just the administrator or the office worker, it's this very dynamic field that we're needing to think about designing solutions for. And one of the important things when we're choosing a partner is the ability for them to operate in this incredibly diverse landscape of use cases that we have, that, ideally, we can go with one partner that then adapts to all of these different use cases. It simplifies our ability to operationalize.
Mm-hmm. For sure. And maybe just to continue on with that theme, Matt, given the wide portfolio of businesses that you have within Mars, what were the primary drivers for moving towards a passwordless experience for your business?
I mean, I think that the key is trying to increase the level of assurance that we have for each individual authentication, that without going through something that's cumbersome. You know, again, you know, to reference what Rani said this morning, users will circumvent any perceived barriers that they have. And so, you know, we can ask you a million questions about, you know, things that are incredibly sensitive that verify who you are, but they'll take the simplest possible path if they can. And so, by increasing the level of assurance through the passwordless journey, we have the combination of providing something that is easier for the user, right? And, and that easier is better, right? I think we all appreciate that.
While at the same time raising that assurance level that we can have that high level of assurance that we know that user is who they say they are. That, to me, is, like, the perfect combination of our mission done in a way that is seamless to the user.
Yeah. I think invisible security is going to be the, one of the strap lines from Oktane this year, from our-
Nearly invisible.
Nearly, yes. Nearly. And Sacha, thinking about the typical need to balance security and usability on the passwordless journey, what was your approach to passwordless, and how have you leveraged Okta for that so far?
Yeah. What we've been doing with Okta is, obviously, since we've done the Okta Identity Engine upgrade, we now have the support and the capabilities provided by Okta to enable us to start to deploy across our environment. So things around, you know, we're by default deploying Okta Verify to every single managed device, whether laptop, PCs, mobile phones, to all the users. We're enabling Okta FastPass, so wherever a user can use that, then we, we're enabling that. Okta Verify on shared devices. So a big issue that we have, as I mentioned earlier, when in manufacturing, you know, we have shared iPads, and we've now been working with Okta closely, and we've now resolved, and we've got an issue fix where we can deploy Okta Verify with the PIN to shared devices.
That's a great way for us to then remove the security questions which users are using today, because they have no other option to be able to use. By being able to deploy that, that's literally tens of thousands of users we can remove that. Again, with Okta, we've been driving the low assurance removal, so SMS and voice. That's been completely removed from our environment, so we don't even provide that as an option anymore. And then what we're doing is, again, it's a journey. There's no silver bullet that we can provide passwordless for everybody.
As I mentioned before, you know, we have so many different personas of users, so what we want to try and do is address your knowledge workers, address your users that are using shared devices or kiosk or however it may be, but we want users to be able to use all the different variety of factors available, or high assurance factors available, wherever possible. So we want users to register for all the different options that they have. So it's not just you can use your, you know, biometrics or WebAuthn factor, you can use, you know, whatever is available. The higher assurance, the better. Then, what we're trying to do as well, is working with our application team, so we want to move it to the next level, where we can drive...
When we integrate a new application, they can drive the assurance levels that they need. So from our financial systems, if they require you have to be on a managed device, and you've got to use FastPass, we can then deploy that through Okta, you know, through the policies, and ensure that those users have to be using it. If then there's a guy who's in manufacturing who's using a shared iPad, he won't be able to use that financial system. He'll have to go back to, or they will have to go back to their PC and use it from a device where they can do that. This also, again, everything's internet-facing now, so we want to restrict the level of controls that people have in, or access that they have to applications currently, by driving, yeah, high assurance levels, for them.
Yeah, it's interesting 'cause we talked yesterday a little bit about sort of it's almost like a matrix, where you're looking at the user personas that you have, and then going across, you've got different sort of categorized applications where you require for more stronger security factors for some, et cetera. So is that what you've started to do, or is that something that you've-
No, absolutely. We've, you know, we're targeting the low-hanging fruit, you know, where we've got, you know, people in security or IT workers, where we know what devices that they have and what they can use, so we're targeting those. Then, obviously, we're looking at now. We're doing these. We're deploying it, the shared iPad, the Okta Verify and PIN, to our manufacturing environments, and the feedback from them is phenomenal. They're absolutely loving it because they hate the security questions. You know, we have guys in Hungary and trying to answer security questions in English, which it doesn't work for them. So having this and the usability, and that's one of the key things, is about the user experience. It's so much better.
Being able to get, you know, being able to convince those users about, you know, having that user experience where you can just smile at the screen or press the fingerprint, it's phenomenal.
Okay, fantastic. And Santhosh, looking at Petcare's digital infrastructure, you were talking about the 60, let's say, the 60 user stores that you have within the Petcare environment with the different brands. I'm assuming it's one per brand. Hopefully, it is that way. Can you talk a little bit about the drivers that led to the need for Okta's Customer Identity Cloud or Auth0, and what the passwordless journey looks like or what it would look like? 'Cause we know it's still relatively early stages for your Petcare customers.
Yeah. For us, you know, catering to the pain point of a pet parent and solving for those pain points, we feel that as a part of our mission, because the portfolio that Mars Petcare has is quite broad, and we feel that this is the need, that every pet owner and pet parent deserve a much, much better experience in their pet parenting journey. When you go with that purpose and objective, it's important to bring multiple of our brand experiences that you might have touched into one consistent experience, whether you are identifying yourself with that brand, whether you're interacting and personalizing your experiences with that brand, or even further, to be able to seamlessly interoperate in between different brands.
And that's the journey that we are on, and that's what makes it challenging, but at the same time, very exciting, to be able to solve such a pain point at scale, at a global level. The challenges are equally wide because this is a territory where we are not just looking at identity from a human perspective, we are also using Okta for identity for our pets.
So I was talking with Todd last Oktane, and I was like: We have a use case where, you know, we have Okta IDs for humans and for pets, because that's, that's the way we are able to associate the relationships in a household, in your care experience, in a way that would allow us to create that seamless, connected experience for you as a pet parent.
The second part is the user experience and the critical focus on that, 'cause, on one side, you know, the convenience factor is very compelling, but at the same time, the brand awareness and affinity is something that needs to be brought along on that journey, so that your consumers are fully informed, aware, and can build on the trust that they have found on your workforce products that you all have used or continue to use, and bring that into your personal lives as consumers of various experiences. And that's what, to us, is very compelling to go with best-of-breed, you know, platforms like Okta.
As far as the actual user experience or the pet experience logging into Okta, what-
Someday we hope that, you know, there will be a single sign-on experience for-
Pawmetrics?
... biometrics or even passwordless journey there. I'm kidding, but yes, you know, that would be the world-
Yeah
... that we need to aspire to build together.
Okay, thank you. Now, to each of you, just an open question really to each of you in turn, what are some of the key trends that you're excited to explore for both the workforce and the Customer Identity Cloud solutions?
Yeah, I mean, I'll say, you know, I'll jump right on the standardization train. Of course, you know, the more we can get our partners to speak the same language, the easier our mission is. And so I'm excited that when one of my strategic partners, like Okta, is able to use their voice and you know place in the industry to really affect change, it can be a really powerful thing. And, you know, as a customer, you know, I'm committed to doing my part to try and bring that change along in the industry. So, I think that's super exciting. I think it shows that this is not just a reactive-
... mission, that we have an opportunity to change the definition of the playing field so that we can be more proactive going forward. And if we're willing to look at these really hard problems, break them down, and tackle them, that, you know, there is a high degree of success potential. So I'm excited about that.
For the consumer side, I think what is exciting is the opportunity to create an impact for that holistic experience. Just as in your workforce, you know, logging in into any corporate system seamlessly is the outcome that you're looking at. You're not necessarily looking at, "Oh, yes, I'm so excited to get this two-factor code texted to me." At the same time, you know, when you look at it from a consumer lens, you know, there are a suite of products that all need to come together to create that holistic experience, and that, to me, is the most exciting part. To be able to bring in multiple use cases that, you know, honestly, we are still scratching the surface, and there's so much for us to unlock in that journey together.
And Sacha?
Yeah, for me, I don't know, I'll keep it towards the passwordless piece. So for me, it's passkeys are really-
Yeah
... super exciting because where we've removed the SMS and the voice options, we've seen, you know, a huge spike in people having to use security questions because they have no other method. Now, with passkeys, they can use device-based authentication on their mobile phone because they don't want to... You know, it's their personal phones, they don't want it to lock to verify. So, but the enablement of passkeys and the conversations we're having in our CEC sessions yesterday with the future of them, new capabilities that are coming along with passkeys, it's going to be hugely, a huge enabler for us. So that's something I'm really excited to hear, so.
Okay, fantastic. And finally, just in a nutshell, what piece of advice would each of you give to others here, who maybe are going on, about to embark on the passwordless journey, or they're on it, or, you know, they've got challenges, et cetera, that you probably have had yourselves? But what piece of advice would each of you give to others here as they try to balance security requirements with the user experience?
Yeah, I don't. I would say, first and foremost, don't underestimate your user community. People have a tremendous capacity to adapt and to change. They may need a little bit of enrollment in the why and what's in it for them. But in particular, you know, the thing that excites me most about passwordless, whether it be, you know, customer or workforce, it's easier for them, and that's what's in it for them. It's easier, but it's also a higher degree of assurance for them. It's their identity, it's their data, it's their system access that's being protected, and if we can provide that in a more seamless and easier way, you know, it's a win-win. But don't underestimate their willingness and capacity for change.
That is often the biggest barrier, is that organizations don't want that perceived disruption. Your users can handle it.
For us on the consumer side, bring your business in on this journey because, as much as you all would love to disrupt and bring this technology piece, it's important to bring your business partners along on that journey. Focus on the use cases that you are really wanting to solve for, and, I'm sure the technology is here, and that can be leveraged in a significant way to unlock that value.
I think I want to just reiterate what Matt's saying, it's the user experience, it's the user adoption. Making these guys aware of the benefits and the simplicity, easier is better. It's, you know, getting them to, you know, understand what the capabilities are, how much it, you know, improves their whole experience and how it makes it more secure for them and for your corporation. It's, you know, that's the key thingy, so that helps drive adoption, and, you know, just improve that overall user experience for the end user.
Okay, fabulous. Look, first of all, I'd just like to thank the Mars team for their time on this and sharing their experiences with us. I've absolutely enjoyed the last three years working as a business partner with them, and I'd like to thank them for, you know, the way that we do business together is really lovely, to be honest. Thank you very much for that. Also thank you to everyone here for their time this morning, and enjoy the rest of Oktane. Thank you very much.
... Hi, everyone. I am so excited to be with you today here on the Oktane Live Desk. My name is Corey Weathers. I have the privilege of leading one of our Auth0 developer relations teams that connects with developers in digital channels, and I'm just so excited. Now, I've got to tell you, we've got a fantastic surprise for you. You must have seen her playing earlier at the keynote, and we've got her here at the Live Desk to not only share a little bit about herself and who she is, but also perform live. So joining us now is an incredibly talented DJ. As a fun fact, because many of you may not know it, she creates music with code. She's here to tell us all about it. Please give a warm welcome for DJ Dave. Hi, DJ Dave.
Hi.
Welcome to Oktane. How are you doing today?
I'm doing great. Thank you so much for having me. I'm really excited to be here in Vegas for Oktane.
Yeah. Now, I gotta tell you, I shared a very little bit. You DJ with code. You've performed live earlier today. Can you tell us a little bit about yourself?
Yeah, absolutely. So I'm a live coder, producer, and DJ based out of LA. I make electronic music, and for me, whether I'm on stage coding or in the studio producing or DJing live sets, it's all about exploring how art and technology intersect in exciting ways that engage and connect with people.
I love that. I gotta tell you, I think code is creative, and so, you know, the developer in me is super curious, which came first, DJing or coding?
That's a great question. Live coding actually came first for me, and DJing kind of came second out of necessity. I was doing live-coded shows in underground venues that weren't exactly optimal audiovisually, and I quickly realized I needed to design a setup for myself that fit these new spaces that I was being invited into. So my hybrid set, that combines DJing and live coding ended up being my answer to that.
With you having a hybrid set, I'm really fascinated. What technologies are you using to bring this to life?
Yeah, so I'm using a combination of a live coding environment, which I would have on my laptop, and a pretty typical DJ setup of two decks and a mixer. And with this setup, I can use the feed from my computer almost as, like, a third deck or a third audio input that I can then mix into tracks being played on the CDJs. Alternatively, I also do sets that are just my laptop still, like the one I did earlier today.
Yeah.
And it's funny because people assume that these live-coded processes are part of a new, like, wave of technologies that we've seen over the past few years. But live coders have actually been using these live coding environments and doing performances almost exactly like mine since the early 2000s.
Well, and what's interesting to me, I mean, as a person who works in developer relations, I do live coding things all the time around the country. I had a chance to research you a little bit and saw on your Instagram you've done the same, showcasing your skills at different colleges and universities. So just, like, what's it like for you to be doing this out and about in the real world?
Oh, it's really amazing to, like, meet these new people that are also being exposed to, like, this kind of live coding for the first time, and my university tour was a really amazing experience. I got to meet so many amazing students, and it was exciting to introduce live coding to people for the first time. For some, it was their first time learning about it and trying it, but for others, it was more just, like, an opportunity to approach live coding from a new perspective.
Yeah.
The energy at each school I went to on this specific tour was so inspiring, and seeing their excitement for what's possible with coded music was definitely my favorite part.
I've been told that... You know, I saw you play earlier. We had a chance to play yesterday. You're gonna share a little bit of your talent on the fun Okta-issued laptop you've got in front of you, yeah?
Yes, of course. Yeah, so I'm gonna show you a little bit of live coding in a live coding environment called Strudel.
Got it. Well, listen, friends, we're gonna sit back. DJ Dave's gonna both share the code that she's actively building to legitimately get some music playing, and then additionally, we're gonna talk through a little bit of her code. So DJ Dave, the floor is yours.
Thank you. So yeah, if you can see my screen now, I have a little bit of code written. I have some graphic elements, of course, but the ones that are... Just to explain a little bit of this, this is how I actually started my set earlier today. So I have a section of code that is basically choosing notes within a certain scale. So it's doing an A sharp pentatonic scale. It's using a supersaw, and then there's a low-pass frequency slider.
Yeah.
If I run this, this is what it sounds like.
Wow, all of that with just four lines of code?
Yeah.
Wow.
This is pretty simple as is, but it's really easy for me to ramp it up.
Yeah
... and start making it sound even more cool, so, like, if I do this. There's also-
Oh, that's a nice change.
Thank you. There's also an opportunity to do, like, some visual elements, so it could look like this.
Hey, wow, now that just woke me up.
Yeah. Okay, so then, since this is a coding environment, I can add as much code as I want and layer sounds, so here's, like, a baseline sound to go with this.
Wow, and all of that just literally by stringing code together in a way that just makes this fun-
... engaging, and exciting, but in front of people.
Yeah, exactly. Yeah, and this specific environment is really cool to use because it's so intuitive. It's so, like, accessible visually for people to be able to draw that connection between the code and the audio.
That's right.
And it's just been really fun to mess around with this one specifically.
Now, I gotta ask a quick question.
Of course.
How big do the files get? Like, I'm looking at this, and I'm like, "What programming language is this?
Yeah, totally.
Like, how far can this go?
So this Strudel uses JavaScript.
Okay.
It's based on a different live coding environment called TidalCycles, which uses Haskell, but this is kind of like the web-based version of Haskell, I mean, of TidalCycles. I think this file that I was using to perform today, I think it's like maybe around three or 50 lines of code.
Wow!
It's pretty long-
I mean, that's pretty fine.
... but it also has four songs in it, so-
Yeah
... it's, like, all of the elements of four songs.
Yeah.
It's kind of amazing, actually, that it only takes under 400 lines for that. But yeah, it's this specific live coding environment is a lot of fun. It's also web-based, and like a lot of live coding environments, this one is free for everyone to use, so anyone who likes it should definitely give it a try.
I love that you can do this all legitimately on your laptop.
Right? Like, I, as someone who takes my laptop with me just about everywhere I go.
... I connect with developers, whether in airports or here at events like Oktane. I can quickly open it up and just show them the power of Auth0.
Totally.
Here it is, you can do the same-
Yeah
... with your laptop, just showing off what it is to create music with code.
Thank you so much. I'm glad you see it that way, 'cause I totally do, too.
Yeah. I mean, I think the other side to this is when you add on the full set and you've got the mixer, what I call the ones and the twos, you have a really good time sort of adding more elements to it, yeah?
Yeah, totally.
I gotta tell you, we are super, super, super excited to have you here at Oktane online. I know that folks are probably just getting introduced to you, who are watching at home. How can folks stay in touch with you?
You can find me anywhere online. My favorite places to connect with people, though, are definitely Instagram and Discord, so come find me there.
Well, listen, friends, you heard it here. We had the chance to get to know DJ Dave for just a quick second, to see some live code bring music to life here at the Octane Live Desk. Stay tuned. We have a great chat coming up with our friends at Species360. They're joining me in just a few seconds. Don't go anywhere, we'll be right back. Welcome back, friends. How cool was DJ Dave? I gotta tell you, I was really excited having that conversation with her, seeing her write code live, and the star power doesn't end there. Because I'm super excited to introduce you to Sara Hanley and Nicole Durante, joining us from Species360. They're here to talk about how their organization is using Auth0 to secure their user identities. Sara, Nicole, welcome!
Hi, Corey. Thanks for having us.
Same. It's great to be at Oktane.
Listen, we're super excited to have you both here. I wanna start with Nicole and just ask you to take a minute to introduce Species360 and a little bit of what you do at Species360.
Sure. So Species360 is a global nonprofit dedicated to facilitating international collaboration in the collection of data to improve animal and plant care and conservation, and we have over fifty years of expertise in this area. We have over 1,300 members in the zoo, aquarium, botanical garden, and the conservation community from over a hundred countries worldwide. We are a small company. There's fifty people, with about ten engineers.
Wow, what an amazing story and a huge scale! Let me stop and say thank you, because in doing my research, of which y'all have a blog on the Auth0 blog, I learned a little bit more about Species360, and in particular, that there are two platforms that power a good bit of what you do, one called ZIMS and Hortis. Can you explain a little bit of, of what they are?
Yeah, sure. So ZIMS stands for Zoological Information Management System and has the world's largest database of knowledge on animals in human care, with millions of records going back as far as the 1800s on more than 22,000 species of animals. Now, our members enter husbandry, medical, and population management data that allows them to care for their collections, as well as drive global conservation initiatives. Hortis is a plant records management platform that both zoos and botanical gardens use to manage their plant collections, and it is a relatively new addition to Species360, so we're super excited to expand our conservation mission to include plants.
The mission of what you all do is fantastic, and so I want to bring Auth0 into the conversation. Sara, can you share a little bit of what brought you to Auth0, and what problem you were trying to solve?
Yeah, absolutely, Corey. Our legacy application has served us well for many years, but it has become a bit of a dinosaur and, the decision was made to rebuild it from the ground up. Initially, what we were doing was building a POC that would tie together the, auth from our old platform together with the new platform. We knew Hortis was already using Auth0, so it was absolutely a logical place to start. It was free for us to try out, and very quickly, we were able to implement a solution.
Well, and I learned that you had had an internal solution already built for the ZIMS platform, and then you acquired Hortis. Obviously, you've just shared it was already on Auth0.
What was that like from an engineering perspective, updating the two approaches?
Yeah. For Hortis and for our modern application that we're building, it was really very plug-and-play as far as Auth0 was concerned. Our legacy application, it was a little bit more complex, but that was our dinosaur's fault, not Auth0's fault.
Well, and I have to ask, what made you consolidate with Auth0? Because trusting an external company-
Yeah
... with your identity needs is a really big ask.
Security is extremely important to our users, as it should be, and we knew a shift to a tried-and-tested approach would both serve our users better, as well as simplify our development plans as we move from our on-prem monolith to a cloud microservice architecture.
... we're also a small team, and the lift we got from using Auth0 instead of, spending that effort on building auth, we were able to spend it on features that our users want.
Well, and I'm super curious, how quickly did y'all start to see benefits from moving to Auth0?
Really very quickly. Our users got access to a lot of features we would have had to build from scratch. Out of the box, we got self-service password resets. We got a login screen with localization. We got SSO with external IdPs, which was something several of our members had been really clamoring for. We, in our microservices in the future, we're all gonna be able to utilize the OAuth 2.0 flow without any real challenges.
I love that we're talking about moving from a monolith to a distributed application with using microservices. Just-
Yeah
... how has that impacted your identity challenges?
With our old system, we had to solve the same problem over and over and over again. Who is this user? What do they have access to? With Auth0, we're able to consolidate that information into one place and reuse it in all of our downstream applications without having to reinvent the wheel. I'm also personally a big fan of infrastructure as code.
Yes.
I also use the Auth0 CLI to automate the creation and configuration of new tenants as we stand them up, and I'm able to confidently do that without having to think about it too much.
I love that for y'all, and the .NET developer in me absolutely loves hearing the story of how you're using fantastic tooling and support to really work through Auth0 to centralize your needs.
Now, I really want to understand, if we peek a little under the covers, what languages and tooling are y'all using to build your integrations with Auth0?
It's funny you mentioned .NET. Our legacy app is actually C#.NET with Ext JS thrown on top, which is a framework you've never heard of, for good reason, but our new stack is TypeScript, TypeScript, React, Kotlin, and Spring Boot. Initially, we started with the custom database connection script, so we could connect that legacy database to our modern application, and then we implemented Auth0's React library, and we were able to just plug it right into our front end and get going with Spring Security on the back end, and now we can utilize the OAuth 2.0 flow.
I love that, and a lot of what I'm hearing is really of a lot of how modern applications are built today.
Yeah.
You have a mix of technologies on the front end, a mix of technologies in the middle, and in the back end, right, for your data storage, and so I have to wonder.
Yeah
... like, as your use case has changed, has working with Auth0 made this a little bit easier?
It has. We really haven't had to think that much about auth once we did that initial setup. As we add more applications and more features, we really just get to build and keep going without having to think.
I love that. And so, you know, as we talk about moving from your own custom-built identity solution to really moving to something that is standardized and consolidated with Auth0-
... are there some additional benefits that you're looking to lean into now, right? Like, you don't have to spend as much time on identity, and so are you looking to invest time in other places?
So next steps for us are gonna be fully migrating our user management to Auth0 from our legacy system, and then probably the next part would be moving into fine-grained authorization in the not-so-distant future. Both of those things will be relatively easy for us to implement with Auth0.
I love that, and we've been talking a lot about just the technology stack, but I wanna sort of take a step back and talk about Species360's relationship with Okta, in particular, with the Okta for Good and Auth0 Startups program. Now, for those of you who don't know, Okta's vision is to free everyone to safely use any technology. The Okta for Good program helps to achieve that goal by making positive change in our communities using grant funding, Okta's identity software platform, as well as the passion and expertise of just Okta employees who donate their time to helping bring this vision to life.
And so just to give you a sense of the scale, just last year, that Okta for Good program supported approximately 4,000 nonprofits with $7.3 million in cash donations and an additional $6 million in technology and services donated for the cause. And so I want to bring Nicole into the conversation because I learned that Species360 has relationships with Okta through both programs, the Auth0 for Startups program and the Okta for Good program. Just how did these relationships come together?
... Yeah, sure, Corey. So when we got our first SSO request from our users, we needed that. We realized we needed to look for an outside solution. And then, as we mentioned, we acquired Hortis, who had already been using Auth0 as part of the Auth0 for Startups program. So through that, Alessandro became our rep, and then we had the Auth0 for Startups program to give us the licensing we needed to get started to see what would work for us and kind of do a POC. And then when we realized we were moving forward, Alessandro helped us get into the Okta for Good program and really helped represent us in licensing negotiations. He really went above and beyond for us.
I love that, and I love hearing of another way in which Okta employees are showing up to support the amazing work that you all are doing, but also amazing nonprofits around the world, and so are there specific benefits of the programs that have been helpful for you all in the work that you're doing?
Yeah, I think the main benefit is that we were able to, as a tiny nonprofit, offer our members a world-class identity and authentication solution that allows us to better protect their data, which is critical to our mission and to theirs, and we absolutely couldn't have done that without the Okta for Good program. I will say another Okta for Good benefit that we're planning on looking into soon is the Workforce Identity Platform. So we're really excited about the possibility of that as well.
I love that. And, you know, I think a large part of this has been that we've been talking about how Species360 has scaled both the ways in which they do their work and the ways in which they continue to use Okta to support that scale. And so as we're talking about, like, obviously leaning into authorization, are there more things that you're gonna be looking to lean into, either through the Okta for Good program or with Okta's platform?
Yeah. So Sarah actually mentioned this earlier, but we're currently looking into redoing how our authorization is implemented. With Auth0, we have authentication and a little bit of authorization, but most of our fine-grained authorization is done via our legacy solution and is, without a doubt, overly complicated. So we've actually been talking to our Okta partners, Victoria specifically, about the possibilities of using Okta FGA.
Oh, I love that, and we saw a fantastic demo of Okta FGA in the keynote just earlier, and so being able to do some of that through the Auth0 dashboard is just super, super powerful.
Yeah.
As we start to bring this conversation to a close, Nicole, I just wanna ask, we've talked a lot about sort of the Okta side of it. What else is next for Species360?
Yeah, so we're currently in the process of modernizing our entire tech stack, including rebuilding our flagship software offering, ZIMS. And we're in the early stages of realizing a longtime dream of ours, which is creating a data hub to help further serve species conservation throughout the world. And having partners like Okta, who have been so willing to work with us, to price their offering in a way that we can afford to integrate a best-in-class solution and not break our budgets, is absolutely critical to our efforts and our success. So if there's any other companies out there who would like to partner up with us, we love telling our story. We love having you share your, our story with your customers, so please reach out.
I gotta ask, as a takeaway for developers watching at home, Sarah, what's one bit of advice you'd have for those developers who still aren't sure and are building their own identity solution?
Yeah. Security is hard, and as tempting as it is to use an open source or home-rolled solution or... There's always gonna be an edge case. There's always gonna be something else out there that your users want. Do yourselves a favor. Let true experts take care of it for you.
With that, just a major thank you to you both for joining us today from Species360. For those of you who are curious to learn more about the work happening through Species360, visit species360.org. Then, let me just say, don't go far. We've got so many more amazing stories and content coming for you. Literally, in just about 30 minutes, we're gonna have a keynote recap, but on a couple of our Okta online channels, there's more to come from Schneider Electric and Arkose Labs. Stay tuned. We'll see you soon, friends.
Hello, how are you? My name is Manuel Palomino. I'm with Schneider Electric, and today I'm gonna talk about how we're using our identity and access management platform to build digital customer relationships, but before I start, I'd like to share a short video that will explain who we are and what we do, perhaps a little better than I can.
The world is full of people telling you who to believe they are, but we thought we'd tell you who we're not. Let's start here. We're not in shipping. We don't make lips. Seriously, no lips. We do this. We're good at this, and we make all of these. And even though you'll find us here and here, we don't make energy. We make you save it, which is just one way we help you make an impact. Are we an internet company? Well, we connect and power just about everything around you, helping machines talk to each other and to you, making your world more personal. We're seeking out the big questions and answering them honestly, like, "How can we make the most of our energy and resources?" or, "Can we make access to energy and digital basic human rights?"...
We're real people, employees, developers, partners, investors, and inventors, all passionate about making an impact. We're open, humans of all sorts from all over, learning from each other and about each other. We're not here to save the world. It'll go on with or without us. We're here to be your digital partner for sustainability and efficiency, to ensure life is on everywhere, for everyone, at every moment.
Schneider Electric has been a leader in sustainability for some time. We've been recognized quite a few times as one of the most sustainable companies in the world, most recently by Time magazine. We have about 150,000 employees in the company, and we have a network of partners that spans over 1 million people. Our product portfolio spans everything from electrification to automation and digitization. Today, in this presentation, I'm gonna take you from the very general, from the very big picture, and talk about the mega trends that are affecting our world today, but also that influence tremendously everything we do, our strategy in the company, and how we move forward.
I'll translate that into what are the challenges that that strategy presents for us, as we talk about reaching out to customers and creating digital relationships with them. Then finally, we'll talk about how we're approaching it with the support of Okta, and how we're addressing that through the identity and access management platform. Finally, we'll talk about the ultimate goal that we're after. In Schneider Electric, when we talk about sustainability, we refer always to five major mega trends that we see in the planet today. Obviously, climate change is top of the list. We have eight billion people in the planet, and the WHO estimates that about 50% of them are living in areas of high that are highly vulnerable to climate change.
The International Energy Agency estimates that we need to triplicate renewable power capacity by the year 2030, that's just five, six years from now, in order to have a chance to keep the rise in temperatures below 1.5 degrees Celsius. Another major trend that we're seeing is that our customers, and ourselves, our supply chains is evolving. We are leaning more towards shorter, regional supply chains, highly with a lot of redundancy, highly agile to respond to changes in the market. We're leaning on security, I'm sorry, on automation, heavily, to improve our efficiency and reduce our costs. Cybersecurity is always top of mind, with the forever-changing landscape in cyber threats, as well as regulation, and they want the supply chain to be sustainable, because sustainability is a competitive advantage now.
Digitization is key for achieving our goals of sustainability and efficiency, and it has accelerated even more with the advent of AI. But this, in turn, is causing a increasing amount of energy consumption. Digitization and AI require high-performance data centers. It has a huge focus on energy efficiency, and it's expanding rapidly. We intend to be in the middle of that transformation. Renewable energy is going to be the key for sustainable growth in the future, but what can we do today? What can we do right now? Turns out that 70% of the CO2 emissions could be addressed right now with existing technologies. Our goal is to empower our customers to take on that challenge.
Lastly, if you look at the economic growth over the next twenty-five years, we expect that to come in from India, Middle East, and Africa, and that means a huge amount of construction, new buildings, new factories, new infrastructure. Achieving that growth in a sustainable way is part of the goals that we have. Ultimately, our intent and our purpose is to empower everyone around us to make use of their energy and resources in the best possible way. This drive over for sustainability and efficiency is what, at Schneider Electric, we call "Life Is On." So let's talk about what that means in terms of digital identity and customer relationships. The challenge that we have in, at the moment, is that we need to build a comprehensive, cohesive, and accessible digital experience for our customers.
We're building a unified approach to software, where we want to be able to allow our customers, our users, to get access to all their data and services from every platform possible that we have. How do we facilitate the interaction with those for those users or those customers to our products, our software, and our services? That's the challenge we're trying to address. Now, if we were talking about a single business model or a common set of products or a specific market segment, that would be simple enough. But our reality is much more complex. Let's look at some of our customers. Let's start, for instance, with the buildings business. Their objectives are energy management and operational efficiency, and for the most part, those users are interested in managing connected products, monitoring site security, as well as conducting threat analysis.
Decisions are based on real-time analytics. They live in the here and now, but trying to achieve goals for the future. Contrast that with our customers in the consumer market. In the home automation markets, we are dealing with users that are more interested in ease of use. Security and privacy is very important, as well as reliability. Low cost of ownership also comes into the equation. Again, a totally different profile of business and of users. We have a major role to play in the IT industry as well, particularly in data centers. In here, we find customers that are interested in monitoring energy consumption. They're managing battery backup systems, and conducting safe shutdowns to balance power usage across their systems. Uptime and resiliency is the name of the game in this area.
Our products are aimed to provide that to the customers. The industrial automation area is very interesting, because you have here a single environment where multiple users are looking at the same data, the same set of products, with totally different objectives. Production managers are looking to optimize output, while you have technicians planning maintenance, ordering parts, and then you have production personnel who are monitoring the health of equipment. Managing or engaging with these facility managers, production engineers, and maintenance technicians is key for us to succeed. Lastly, we have our customers in the industries that generate electricity, a totally different profile of company, most of them operated by municipalities and energy companies. They're serviced by an army of contractors, and extremely sensitive to disruptions, and now very aware of the potentials for cybersecurity issues.
Again, a totally different perspective in how they interact with our products. Let's put aside the customers for a second. The next category of users that we're concerned with are our partners. We have an extensive array of partners throughout the world, distributors, installers, specifiers, panel builders, that enable us to be pretty much everywhere in the world all at once. Our success depends greatly in maintaining the relationship with them, building it, and growing it over time. If they succeed, we succeed, not just in business, but also in the sustainability aspects. We couldn't be a sustainable company if we didn't extend that to our supply chain, so our suppliers are also part of our scope. The idea is to involve them in the same initiatives that we have for sustainability that we're offering to our partners.
Now, take these different types of users, multiply that by the different types of interactions that they conduct with us. They could be in the IoT and IIoT sector, conducting device monitoring, or they could be in e-commerce, something that needs to be offered globally but delivered regionally. Then we have an array of business services that enable us to create orders, track shipments, check inventories, even look for equipment that is compatible with the system that the customer already has. We are a global company, therefore, we need to always be. Oh, I'm sorry, I apologize. We also have offers in all the different flavors that you can imagine. Web and SaaS systems are probably the most common one, but we have a huge exposure on mobile applications.
A lot of our partners operate just with a phone, and we have desktop systems. Beyond that, we have to be offering everything in multiple languages, because we're operating globally. This also means that we're supporting hundreds of applications from all our different lines of business and operations in the world, and each one of those applications needs to connect to a number of different back-end systems. Some of them are global, some of them are regional, and some of them are business-specific. That's the challenge that we have, and now let's take a look at how we are addressing it, and how we're moving forward with the help of Okta. What we're doing is creating the identity management platform.
The mission is simply to create a single digital identity for all our customers, suppliers, and partners, essentially creating a single sign-on environment across all of our applications and services. We also aim to accelerate the time to market for these applications by providing components that are ready to use, so that the development teams don't have to reinvent the wheel every time. We are gatekeepers of customer data quality. The idea is that we should have a one identity for each customer that is visible to all businesses and domains. And lastly, we're looking to standardize and be consistent in the way that we deploy user privacy and data protections across the board. We're leveraging Okta's CIC with universal flows heavily in this system. We went for it because it provides a consistent user experience.
Essentially, any application you come through, you will always have a very similar experience, regardless where you are in the world. It's very lightweight and simple, and it focuses on what's important. We want to get the user to either register or log in fairly quickly, and be ready to, to go. We don't want to be a barrier to entry. We don't want to be an interruption in the process. It's very adaptable. We can change the logos and the name of the application, and so forth, and integrates all of the security standards that Schneider Electric wants to implement across the board. Speaking of security, we're leveraging pretty much everything that Okta CIC gives us out of the box, bot protection is something that we quickly changed.
In fact, we are now using their protection across the board, and it has the no-click CAPTCHA, which has been a big hit with our customers that were not very happy with the original match a picture and that kind of thing, but we're also leveraging the IP throttling and the access protections. We are using a lot of the protection logs also to start looking at how to detect issues before they arise. We've developed a brand-new profile page for our users. The concept here is that whenever the user comes into us, whichever application or service they're accessing, they should be able to see their information in the same way. It's a modular system, if you can see the tabs on the left side, allows us to expand in the future if we need to.
It provides quick access to the most commonly used tools on the right-hand side, and all of the security and preferences are centralized in a single location, which in the past, we tend to have that distributed in different pull-down menus in various different applications. So now it's all in one place. One of the major changes that we're introducing is the use of progressive profile completion. Traditionally, an application will present the registration form to a user and will present all the fields that they expect them to complete. With the variety of applications that we had, there were variations on what information was being collected, and in many cases, some of the information was not relevant for us, for a user in specific cases.
So what we're trying to accomplish is provide a simple, common registration form, relatively short and quick, that gets the user logged in into the application. After that, the application is able to trigger completion forms at any given point, depending on what the user is trying to do. So, for instance, if a new user register and comes in into a, an e-commerce application, for instance, by the time that they go and click on the checkout button, the application will trigger an additional screen that will collect the necessary information that will allow them to proceed in that fashion. We've also implemented dual identity across the board. This means that users can log in, can register and log in with their email address or their mobile phone number.
This is a big effort for us because we're trying to merge two sets of population that in the past were always separate. We have a large amount of partners, particularly electricians, working all over the world, and these are very small businesses. Many of them operate entirely out of their cell phone. They were not able to participate of, on the same product, on the same programs and applications that we had, that, on the other side, where the requirement was to have an email address to register and log in. So now we're able to allow everybody to participate in all of the services that we have, plus, we have the convergence going forward, that you can the option of do either or both.
If, let's say, an application is not quite ready to register a user using mobile number because they don't know how to identify him that way, we can always present a profile completion page that allows the user to enter an email address to move forward. And finally, keep in mind that our core business is B2B, and reducing friction in the gathering of new customers, of new users, new registrations, is hugely important for us. The self-registration form is key, is what gets used the most. However, we've rolled out a variety of different options, particularly for our partners. Some applications allow users to log in with using their social identity providers. That's something that application can choose to turn on or off.
We have something called delegated registration, where a Schneider Electric administrator would pre-register someone, fill their profile as much as possible, and then issue an email to them, inviting them to go into the application, and at their first login, all they have to do is enter a password. Because we were creating the app, the profile from the beginning, we can ensure that that user is associated with the correct accounts internally, so their access management is already completed, and they don't need to fill out any other forms. Similarly, somebody working in a company could issue an invitation to another colleague or a peer and send them an email or a note, indicating that they could log in now into this application, and all they have to do is, again, enter a password.
For our partners, we have the capability of providing us with a list of their employees. So let's say we're onboarding a new partner, and they can give us a list of all their employees. We can actually pre-register them, again, linking them to the proper ERP or CRM accounts, and then the users, all they have to do is enter a password at the beginning. Again, all of this with the intention of reducing friction in terms of registration. And the last thing that we're doing, we're beginning to roll out now, is third-party IdP federation for our larger customers and our larger partners, where we would allow them to log in using their company's credentials, in that case, the username and password.
All of this comes together for us because we have essentially one goal. We are trying to be the undisputed leader through our digital portfolio, not just as our products, but we wanna make sure that everything, any interaction that we have in the digital level, we are able to bring the customer and keep him engaged. We are on a journey. We're coming from a very fragmented digital experience. Our goal is to achieve a more seamless, end-to-end digital experience for all our customers across all our businesses. Thank you very much.