Go Back

Are You Prepared for Okta’s New Customer Data Retention Policy?


Brendon Rod

Head of Marketing

Understanding Okta’s Policy Shift and Acsense’s Resilience Solutions

In the fast-paced world of digital security and identity management, staying informed about policy changes is crucial.  Okta, a trusted identity and access management leader, is gearing up for an important update to its Customer Data Retention Policy. This change impacts how long your valuable System Log event data will be stored. In this blog post, we will cover the current retention periods offered by Okta, changes to their Data Retention Policy, the actions you might need to take, and how to ensure a smooth transition.


As part of Okta’s Customer Data Retention Policy, they offer a standard 90-day system log event retention. This retention policy stores System Log UI and Logs API for 90 days. However, for customers who require a longer retention period, Okta also offered a feature that allowed customers to increase their retention period to 180 days.


Changes to Okta’s Customer Data Retention Policy mean the extended data retention period will no longer be supported.


Important Changes Ahead

On October 5, 2023, Okta is implementing changes to its Customer Data Retention Policy.


The most notable policy change is the removal of the extended 180-day retention period. On October 5, organizations with the 180-day retention period will revert to the 90-day System Log Retention period. Customers are not required to take any action, as this change will occur automatically.

However, for customers who do not wish to revert to the standard 90-day retention period, Okta is offering an extension. This extension must be requested by October 5 and provides customers with an additional 75 days before updating their retention policy to the standard 90 days.


If an extension is requested, the new date for the policy change will be December 19, 2023.


What Actions to Take

For Okta customers who are not using the extended 180-day System Log retention period, no action is needed.


However, for customers who do utilize this feature, Okta recommends utilizing an external system to export and store extended System Log event data. More information regarding export methods can be found via Okta’s documentation on Export Okta log data.


Creating an export process and external storage system for longer System Log event data retention can be an involved process. Should your organization need more time to prepare for this change, Okta is offering a 75-day extension. To request this extension, you can complete this form. Alternatively, an extension can also be requested via an in-app notice that is available to Super Admins through the Okta Admin Console dashboard.


This extension can be requested by any Super Admin within an organization and is organization specific.


Preparing for Okta’s Policy Change

Impact on Organizations Using 180-Day Retention
For organizations utilizing the 180-day System Log retention period, the upcoming changes in Okta’s Customer Data Retention Policy require preparation. If your organization relies on System Log UI and Logs API data events older than 90 days, it’s essential to establish export processes and external systems to store data beyond the 90-day limit.


Extension Option for Transition
To ease this transition, Okta offers a 75-day policy extension. This extension shifts the effective date to December 19th, allowing more time for organizations to adjust their data storage strategies.


Acsense’s Response to Data Retention Needs

Offering Comprehensive Data Retention Solutions
At Acsense, we recognize the crucial role of data retention in IAM resilience. In response to Okta’s discontinuation of the 180-day retention option, Acsense continues to provide immutable backups, unlimited data retention, air-gapped backups, and adherence to the 3-2-1 rule, ensuring that your data is always available, secure, and compliant.


Advantages of Acsense’s Data Storage

Unlimited Data Retention for Flexibility and Security
Acsense’s commitment to unlimited data retention means you have continuous access to your backups, without the need for complex external storage solutions or export systems. This approach offers significant flexibility and security for your data.


Immutable Backups for Enhanced Data Integrity
Understanding the vulnerability of mutable backups, Acsense guarantees that once a backup is made, it remains immutable. This fortifies data integrity and security, especially critical in the event of insider threats or cyber-attacks.


Prioritizing Data Security with Air-Gapped Storage

Ensuring Maximum Protection Against Cyber Threats
Acsense’s use of air-gapped storage for backups provides an elevated level of security. This method ensures that data cannot be accessed via network devices, offering robust protection against network hacks and data breaches.


Aligning with Industry Standards: The 3-2-1 Rule

Meeting Compliance Requirements Effortlessly
Acsense’s storage strategy naturally aligns with the 3-2-1 backup rule – a standard across various industries.
This rule advocates for storing three different copies of data on two different media types, with one copy off-site, thus ensuring comprehensive data safety and compliance.

Retain your data Securely with Acsense

To ensure the IAM resilience of your data, Acsense offers a robust feature set, including immutable, air-gapped backups, unlimited retention, and compliance. The advantages of these features are clear, especially against the backdrop of Okta’s recent policy change. As the Enterprise IAM Resilience Platform, Acsense empowers security, IT, and GRC leaders with immutable backups and unlimited data retention housed in an air-gapped environment.


Acsense offers the peace of mind that comes with automated backups, one-click recovery, Point-in-Time investigation and restoration, and continuous data verification. Together, these features minimize IAM downtime and the costs associated with downtime events.


With the recent changes to Okta’s data retention policy, it’s crucial your organization can securely store and utilize data past the 90-day retention period. Acsense offers not only unlimited data retention but also exceptional backup security in the form of air-gapped environments, immutable backups, and 3-2-1 compliance. 


Schedule a demo with our Acsense experts today and discover how our IAM Resilience Platform can strengthen your system against emerging threats and ensure robust business continuity. 





Looking to stay in the loop on the latest IAM trends and updates?


Subscribe to the FiveNines IAM newsletter today and gain access to exclusive insights from industry leaders, groundbreaking companies, and global news outlets. Don’t miss out on the must-read monthly newsletter that delivers the juiciest edition yet of IAM resilience.


Subscribe on Linkedin now and stay ahead of the curve!

Scroll to Top
Skip to content