Okta and Crowdstrike?

We've been focussing on Zoom gaining from the shift to working away from the office, but how about Okta (sign in from anywhere) and Crowdstrike (end point protection when you sign in)?

I’m definitely not a techie and don’t really understand all these companies do, but I’m just wondering. Does anyone with more knowledge have a thought?

Saul

13 Likes

Hey Saul, I’m a software engineer. My answer on this is that I don’t think so, but I am mostly just taking a best guess here.

Crowdstrike does bill its clients per endpoint per month (https://www.crowdstrike.com/endpoint-security-products/). So, if companies are making employees work from home, and some of those employees don’t have laptops yet, and their companies make them get new laptops, then there could be some more business (new end points to bill) for Crowdstrike. I don’t know, but I doubt it will be meaningful enough to move the needle (most people who need to work from home probably already have laptops).

The purpose of Okta is to connect any person with any application on any device. Does Okta get paid per device, thereby benefiting from an increase in the number of devices needed? A quick scan through https://www.okta.com/pricing/ says that Okta does not get paid per device. But, I’ll bet this came up on the conference call earlier today, so when there is a transcript available, we will have a better idea.

I mostly lurk on this board (trying to change that this year because Saul and the board he has cultivated are AMAZING), but the truth is that you guys have a better understanding of software than you give yourselves credit for. I promise if you guys get something about software engineering wrong I will speak up 🙂 Quick tangent: you might be selling mongodb too soon, but given its decelerating revenue and mounting losses, I understand the case to sell (but FYI I held mine).

Also disclosing, I am not by any means a domain expert on end point security or identity/access management.

23 Likes

Hi Saul,

Obviously, no one knows for sure, but I solidly expect any gains for our companies due to people working from home to be fairly short-term, except that this might speed up the introduction to new programs and platforms. But if the virus does happen to linger into and through this summer (in our hemisphere) then one would expect business to slow enough down worldwide, and that eventually a considerable number of employees would be laid off.

If you look at market charts during other “catastrophes” you will find that more often than one would expect, the market has risen in these times, often considerably so. This is not to say that the possibility of a pandemic isn’t very serious; it is indeed serious.

Specifically to your question: Yes, short-term, many SaaS companies will probably see (or likely already have seen) some level of a spike in business. But if you lengthen the time frame, and imagine the infections swirling around the globe for more than a few months, you will likely start to also imagine the decline in GDPs globally which could easily reach the extent where even software and cloud companies could have a hard time reaching their goals, sandbagged or not. Yes, the products save money, but they aren’t free and it takes profits for the circle to complete.

Methinks we’re in rather new territory here, but past calamities do offer a little bit of an idea of how markets and business might react. The good news is that it’s hard to imagine a niche that could have the durability of the cloud and software companies that many of us own.

I think the best (and even the most profitable!) outcome for all concerned, would be for the virus to be contained and eventually eliminated, all rather quickly, and for governments to be mindful for the next epidemic to come along. Then for business to continue as it has been and kicking butt from the cloud.

I suspect that a year from now, one of two things will happen. Hopefully we’ll all be laughing at our “grave concerns” back in early 2020. It’s either that, or a lot of us will be … gone. And of course that isn’t good for business either, not to mention that at 67, I might end up in the wrong pile.

So I vote for Business as Usual, and say let’s take advantage in the market while others are distracted with their breathing masks. Unless we build a giant bunker, what other way is there to play it?

The time to be scared is when Raptor sells AYX below a 20% position. If that happens, forget the above and … RUN LIKE HELL!

Let’s talk stocks. I’m opening the books on NET and LVGO, NET first. Looking good so far.

Dan

10 Likes

We used Okta where I last worked and it was great for enabling secure single sign-on to applications in the cloud. The advantage is it allows a company to easily add new employee’s access to apps. But more importantly, it also allows a company to easily turn off access to apps when an employee leaves. Vital if you ask me. Who can remember, or has the time to reset all the apps a single employee has access to when they leave? It has other security features that help prevent unauthorized access to apps.

In my opinion, Okta is a misunderstood company whose third-party position as the neutral gatekeeper to employee app access puts it in a more powerful position than most non-techies understand. The TAM is massive. Plus the service provides an obvious utility that a CFO will pay for, in addition to making the company more secure overall.

15 Likes

Quick tangent: you might be selling mongodb too soon, but given its decelerating revenue and mounting losses, I understand the case to sell (but FYI I held mine).

Oh no you don’t, Vinegar101! You don’t get off that easy!

Please tell us why you held your Mongo by starting a new thread.

We value the diversity of opinion and need yours.

Jeb

13 Likes

I’m also a software engineer, and the company I work for uses Okta.

For those not familiar with how it works, the Okta client is installed on your phone, and part of a 2-factor authentication process. 2-factor is a relatively straightforward concept: it’s based on something you know (a password), and something you have (a token). With Okta authentication, you first log in with your password, then a “push” is sent to the Okta app on your phone. You get a popup notification where you acknowledge “Yes, it’s me”, and it responds to the server allowing your login to complete. In this way, your registered phone serves as the security token. Of course, for the phone to be set up as your token, you had to set it up by logging in to a specific service on the corporate network and get a certificate installed. It’s been a while, so I don’t remember specific details, but it was easy to set up. The phone is also secured with its own device encryption and required pin login.

We use Okta in a couple of ways. We use it as our VPN login (40k foot overview: a VPN is used as a secure method for tunneling into the corporate network when working remote). Okta has also become the login for several web based services that we use. Interestingly, since we started using Okta, our IT dept has allowed some of those web services to be reachable externally through an Okta login, where previously they required a VPN to reach them.

Prior to Okta we used various hardware and software based token systems. I find Okta’s “push” system for validation to be much more user friendly, and would recommend it to anyone.

Disclosure: Currently hold about a 4% position in Okta

17 Likes

This is a blog post from Beth Kindig - known and followed here by several - about the recent RSA conference in San Francisco. It basically describes how competitive and crowded the security space is and how the fast growing upstarts (CRWD and ZS for example) are at a great disadvantage for several reasons including their large S&M spend. There was a thread around this last month that I can’t dig up but basically reflected the challenge of investing long term in this space.

https://www.marketwatch.com/story/these-companies-will-be-ki…

John

3 Likes

Our company also uses Okta. It is an amazing product - so helpful and so easy. I cannot imagine going back to the days when I didn’t have it and I get mad whenever I need to log into an application that doesn’t support it.

I have no position in Okta.

2 Likes

Jeffbrig…thanks for the explanation. I am long on OKTA.

However, I recently signed up for 2-factor authentication with Etrade. The Etrade platform uses Symantec VIP where you register for a Credential ID and are then easily and routinely/on-demand supplied with a 6-digit Security Code via the Symantec VIP App installed on your phone. In essence, the Symantec VIP App on the iPhone is standing at the ready and is constantly generating 6-digit confirmation id’s that evaporate every 30 seconds. If you don’t enter the confirmation ID within that 30-second period, it generates a new 6-digit confirmation code.

So, when I log into Etrade on my computer or on my iPhone; I put in my standard account password and then refer to my Symantec VIP App where it automatically generates the 6-digit confirmation code for me to append to my password. In essence, main password + 6-digit confirmation code; both entered at the same time since the 6-digit code is simply added to the end of the standard password. No need to wait for the text message with the code to be inputted separately.

Additionally, if you use Face ID on the iPhone; I can sign into my Etrade App on my phone using Face ID and then it prompts me for the 6-digit confirmation code that Symantec VIP has generated on my phone.

Genius…

3 Likes
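
The rolling-code login described in the post above, as an added example that is not part of the original thread and is not Symantec's or Etrade's code: a generic RFC 6238 TOTP check for a single "password + 6-digit code" field, with a one-step clock-drift allowance and replay rejection. The `Verifier` class, the PBKDF2 parameters and the secret and password used to exercise it are assumptions made for illustration.

```python
import hashlib, hmac, struct

STEP, DIGITS = 30, 6   # 30-second window and 6-digit code, as in the post

def totp(secret: bytes, unix_time: int) -> str:
    """Generic RFC 6238 TOTP (HMAC-SHA1) for the step containing unix_time."""
    mac = hmac.new(secret, struct.pack(">Q", unix_time // STEP), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                       # dynamic truncation, RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)

def hash_password(password: str, salt: bytes) -> bytes:
    # PBKDF2 parameters are illustrative assumptions, not any vendor's settings.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def split_credential(submitted: str):
    """Split 'password + code' typed into one field; None if malformed."""
    code = submitted[-DIGITS:]
    if len(submitted) <= DIGITS or not (code.isascii() and code.isdigit()):
        return None
    return submitted[:-DIGITS], code

class Verifier:
    """Hypothetical server-side check for one user (names are assumptions)."""
    def __init__(self, secret: bytes, pw_hash: bytes, salt: bytes):
        self.secret, self.pw_hash, self.salt = secret, pw_hash, salt
        self.last_step = -1                       # newest step already used

    def check(self, submitted: str, now: int, drift: int = 1) -> bool:
        parts = split_credential(submitted)
        if parts is None:
            return False
        password, code = parts
        pw_ok = hmac.compare_digest(hash_password(password, self.salt), self.pw_hash)
        current = now // STEP
        matched = None
        for step in range(current - drift, current + drift + 1):
            # Skip steps at or before the last accepted one: blocks replay.
            if step > self.last_step and hmac.compare_digest(
                    totp(self.secret, step * STEP), code):
                matched = step
        if pw_ok and matched is not None:
            self.last_step = matched
            return True
        return False
```

Because a code stays valid for its whole window plus the drift allowance, the replay guard is what stops a captured "password + code" string from being reused within that minute or so.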

However, I recently signed up for 2-factor authentication with Etrade. The Etrade platform uses Symantec VIP where you register for a Credential ID and are then easily and routinely/on-demand supplied with a 6-digit Security Code via the Symantec VIP App installed on your phone. In essence, the Symantec VIP App on the iPhone is standing at the ready and is constantly generating 6-digit confirmation id’s that evaporate every 30 seconds. If you don’t enter the confirmation ID within that 30-second period, it generates a new 6-digit confirmation code.

So, when I log into Etrade on my computer or on my iPhone; I put in my standard account password and then refer to my Symantec VIP App where it automatically generates the 6-digit confirmation code for me to append to my password. In essence, main password + 6-digit confirmation code; both entered at the same time since the 6-digit code is simply added to the end of the standard password. No need to wait for the text message with the code to be inputted separately.

Additionally, if you use Face ID on the iPhone; I can sign into my Etrade App on my phone using Face ID and then it prompts me for the 6-digit confirmation code that Symantec VIP has generated on my phone.

Genius…

So this is how 2-factor tokens were typically generated before Okta. I had an RSA SecureToken probably 15 years ago that did exactly this - rolling code every 30 seconds. First, a physical token generator, later a software token generator installed on a PC (with necessary certificates).

What Okta has done so brilliantly is getting past that step of needing to look up and copy/type that 6 token code as part of the password field. I type my regular password. If that passes, it shoots a secure message to my phone. I open up my phone and click “Yes, it’s me”. No copying, no typing numbers. It’s 1-click.

Trust me, once you’ve used it a few times, it’s much faster and vastly superior - especially when logging into multiple systems/services that require this type of authentication. I would be very interested to know if Okta holds patents in this space, as that would be a huge moat around what they do.

11 Likes

Trust me, once you’ve used it a few times, it’s much faster and vastly superior - especially when logging into multiple systems/services that require this type of authentication. I would be very interested to know if Okta holds patents in this space, as that would be a huge moat around what they do. - jeffbrig

Excellent points. I’d love to use a system like that. But, yes, the IP is critical. Anyone have an answer? Is this Open Code programming?

Answering my own question… At least somewhat. Yes, it seems like Okta holds quite a few patents related to single sign on and identity management. I’ll need to do more reading, but here’s what I found in a quick search.

https://patents.justia.com/assignee/okta-inc

4 Likes

I cannot speak to patents but I use three systems in my digital world. To access my brokerage at Fidelity I use Symantec, which uses the old method (user types in token, extremely annoying). To access my workplace digital environment we use Duo Mobile, which was bought by Cisco and uses the Okta method (sends my phone a push notification that I click). The latter is definitely more convenient but clearly not proprietary to Okta. A third method, the best of all, sends a push notification to my phone and I use my fingerprint. My Interactive Brokers account uses this method. It’s the most convenient but also the most buggy. Not sure if that’s because of the ibkr implementation or a problem with the software provider. It seems to have compatibility issues with the iPhone password manager.