Okta, Inc. (OKTA) Earnings Call Transcript & Summary

Thank you for joining us this afternoon, and welcome to our next session of the Morgan Stanley Zero Trust Virtual Conference. Very pleased to have with us from Okta, Co-Founder and CEO, Frederic Kerrest. Frederic, thank you for joining us.

Thanks a lot for having me, Keith. Excited to be here.

Excellent. So the theme of the conference is zero trust architectures. We're hearing that phrase a lot. Hearing it from a lot of vendors in a lot of different contexts. Two things I want to sort of get your view on. One, what's the Okta perspective on zero trust architectures and kind of really what it means? And two, where does Okta solution fit into that? We hear a lot about identity in relation to zero trust architectures. Do you really sort of help us understand why identity is so important in that equation?

Yes. Absolutely. Happy to do that. So thanks again for having me. Very excited to be here today. I think that there's a huge opportunity ahead with zero trust architecture, so I'm very happy you're putting this conference together, Keith, and the rest of your team. So to Okta, zero trust means that you look at all of this adoption of mobile and cloud and the acceleration of everyone working on any device, anywhere from anytime, and you no longer have the network perimeter-centric view in security, right? You're working in an airplane, you're working in a -- well, you were working at an airplane. You will, again, at some point in the future, be working at an airplane. Or from a hotel or from a Starbucks or even we all just moved to home very quickly. And instead, we need to securely enable access for all the various users, employees, partners, contractors, regardless of location, device or network. Moreover, everyone is walking around with $1,000 iPhones today, and companies don't want to buy that nor do we have the resources to do that for 10,000, 20,000 employees. At the same time, they want me to use this supercomputer that I have in my pocket and use it for business purposes. So here's a good situation. How do I, as an employer, make sure that my employees can actually use all these applications from wherever they are on their little phones in their pockets? And I think that's the big opportunity. So there's no silver bullet, I think, when it comes to achieving a zero trust secured architecture. But identity access management is obviously the core technology for that. And organizations, a lot of times, are starting to talk -- as far as starting with zero trust, so we can talk about a whole bunch of customer examples at the top of it.

Sure. Sure. And I guess, my follow-on question on that is, is this something that customers are talking to you about? Like one of the things we're trying to figure out, is this a kind of marketing sort of PowerPoint presentation from vendors of sort of how to think about all our technologies holistically? Or is this actually something that customers are asking about, that we want to go towards a zero trust architecture and utilize Okta sort of to help us get there?

Yes. I mean I think there's been a lot of noise about zero trust and what it really means has become kind of a buzzword. It's kind of like digital transformation in everything and nothing and whatever else you want it to be. So I totally agree that there's a lot of that flood going on. At the same time, there are -- it is a real thing for customers. I'll give you an example. We have been working now with FedEx, obviously, the large supplier and mover of shipping of goods around the world, for some time now. I went personally down in Memphis, worked with them in headquarters a number of times. And they brought us in because they had, among their base security architecture framework and vision, something called zero trust. And this was like 6, 9, 12 months ago, they already had it. But we actually became -- they became a customer of ours because of their zero trust initiative. Now obviously things have accelerated dramatically over the last 4 or 5 months with the COVID-19 pandemic. But a very good example of that is actually FedEx had this whole plan to go live, sure, steady, go as you go, have a whole plan ahead of it, make sure it's well done. And then they actually might go live to 85,000 employees, 250 apps over a weekend. So I was talking to Gene Sun, the CIO, in like February and March, he's like, yes, rollouts are in February. He's like rollouts planned for April, May, June, we're super excited about it. They called us in March and goes, "Guess what? We got to go live this weekend." We're like, "Okay." So it went so well, in fact, that at earnings a month ago, we put out a press release with Gene about their successful go-live in deployment. But you can see that these are things major international organizations, been around forever, all sorts of infrastructure have a vision for zero trust and it's like, boom, I got to get it going this weekend, and they can now do that. And I think that really speaks to not only the importance of it, but the power of implementation and how quickly you can get things up and running at a modern security environment.

Got it. And just want to understand sort of the causality there. So we were talking earlier, zero trust architectures are really about enabling trust in a more distributed world where you can no longer rely on the corporate perimeter for your security, your visibility, your control or your policy. You now have to go to a zero trust architecture, which enables trust between individual devices, individual users and data. And the COVID crisis is just an accelerator on that distribution. That's what's sort of causing this higher priority, this need for speed, if you will, from your customers like Fedex?

I think that's right, right? Because zero trust, very fundamentally, is just making sure -- so you don't have the 4 walls to the firewall and the VPN token to get in, in the back of building. That was the security infrastructure and perimeter that everyone understood 10 years ago. You don't have that today. It's does the right person have access to the right data, from the right device with the right times in the right place? That's the very simple version of zero trust, and you want to make sure that, that authentication is continuously monitored and checked. So if you think about traditional security architectures, they're built for 2 groups in mind, right? Trusted individuals are able to access everything inside the organization and untrusted individuals outside the organization. And security and IT teams have invested in these defensive systems that protected the barrier between those 2 with firewalls and PPMs and all sort of stuff. As we've all gone home, as we've all gone on all these devices, as we're starting to use the iPad that our kids are also playing with to go check e-mail and everything else, you just want to make sure that the right device has access to the right information at the right time. And I think in this cloud mobile world, like you said, more people are accessing resources and data from more devices and locations than ever before, and they're doing it like instantly, like over a weekend. We had a large financial services customer, typically had 18,000 of their 100,000 folks work remotely before COVID. Within a weekend, it went from 18,000 to almost the full 100,000 and their VPN was like coming to its knees because it wasn't designed to handle that scale. And those are -- that's a very real situation. You're like, oh, man, my employees can't work tomorrow, it's Monday. Those are real driving situations of new giant technology transformation that I think are very exciting.

Got it. Got it. That is very exciting. So can you talk to us what happens to those -- the legacy architecture? So now we're setting up these zero trust environments. When you think about a big corporation like FedEx, they have a ton of -- in their invested capital and their security architectures. They have firewalls there and the IPS protection and web security. Does this layer on, on top of this? Or is this a replacement for what they were doing before? Like, how does the zero trust architectures, in particular, how does Okta come into this environment?

Yes. So that's a good question. Well, first of all, enterprise IT is notorious for not throwing anything away. They buy new things and they Google them on the front, right? They want to make sure they take advantage of the resources and the investments they made before while still taking advantage of the transition or where they can possibly go. So that's the short answer is, no, they've got all this infrastructure, and they're trying to say, okay, now how do I move it forward? So in a lot of cases, it is going to be a roadmap process of, okay, I quickly got all the 80,000 employees who now are working remotely up and running on this system. We augmented the VPNs. We've got them around the VPNs. We have all this new infrastructure. Okay, let me take a big breath. Now it's working. Now let me think about what are we going to be able to decommission, what are we going to be able to accelerate the move to the cloud, where I'm going to make these new investments. I think that's exciting. But I will also tell you that I'm seeing a trend more and more of CIOs, CTOs, CISOs who either have been around the industry a long time or have been with their specific company a long time and have a lot of political clout, they realize that this is a huge once-in-a-generation opportunity for them to do a huge acceleration and move to modernize the transformation. So they're saying, "Yes, yes, I got to get everything up and running on Monday morning so the 100,000 employees, they work." But now that I'm taking a breath, I'm going, "Hey, this is the chance where I could really leapfrog, where I can put aside all the legacy stuff I'm going to retire because they're realizing getting into my data centers, accessing my on-prem infrastructure is super hard running. I basically can't do it." So they're like, "Wow, now is a good chance for me to say all those plans that I had, let's fast-forward them." I think a great example is e-commerce. Everyone's seen the numbers. The e-commerce as a percentage of commerce in North America over the last 10 years before January of this year had gone from like 5.7%, 5.8% to about 16% of e-commerce. In the last 4 months, it's gone -- e-commerce has gotten 16% to 27% of all cost. So 4 months, we done what we did in 10 years. That's not going back. And those kinds of leapfrog technology moments, this is one of those and smart people know how to take advantage of that.

Got it. So we're talking a lot about the pace of adoption of these technologies. I want to talk about the market opportunity, particularly the market opportunity in front of Okta. So at your recent Analyst Day, you guys talked about a $55 billion TAM. And that's up pretty significantly from what we were talking about at the time of the IPO about 3 years ago, you're talking about $18 billion. So part of that increase is you stand out from sort of the core Okta, which was focused on B2B, sort of how does the company secure identity and secure access for their employees. And now you have a consumer identity bandwidth that adds a big part to that market opportunity. But even in the core workforce identity management, that core's been expanding a lot. We've gone from like the $18 billion to the $30 billion. Can you talk to us about how you guys calculate that $30 billion? What does that represent? And what's been driving that growth from that $18 billion to $30 billion? What's been the big driver behind that?

Yes, absolutely. So yes, so as you said, we went public in April 17, the Okta TAM was about $18 billion. That was largely just workforce. I mean, you've got to remember, workforce has been known as traditional enterprise identity management. It's been around for 30 years. People have been buying this legacy infrastructure from CA, Oracle, IBM, RSA, all the old on-prem stuff, so it was pretty easy for the analysts to say, hey, to call all these CIOs and say, hey, what was their line item budget for identity management. Okay, this is what's going to be in a workforce world. So dynamics are very different, plus identity management, as you mentioned, because it's been a build versus buy. Look, people can put up websites and passwords and reset users and passwords and DMZs all day long, but now it's getting super complicated, it's getting tricky. You got security. No one wants to be on the front page of The Wall Street Journal. You've got a customer identity and access management that is now in the line of business. So it's run by a Chief Revenue Officer, Chief Digital Officer, like time to market is super important. Securities enhanced, I want MFA, I want a password reset flow. I want all these complicated things, and I got to get that going. You're now starting to see how that stacks in. As you mentioned, workforce identity alone has gone, in our calculation, from $18 billion to $30 billion. I guess three primary drivers of that growth's just in workforce. The first one is just new advanced product offerings. So if you look at -- since 2017, we've introduced new and enhanced versions of our products and brand-new products, and we're doing that with a very consistent framework. We're doing that annually, we're doing that frequently, included advanced versions of our core products, like single sign-on, MFA, LCM, also advanced products have a lot more functionality in it. And then there's brand-new products. Okta Access Gateway is a great example. Advanced Server Access is a great example. Workflows, which is now part of advanced Lifecycle Management, is a great example. These have all been rolled out in the last year. They are doing very well on being adopted at scale, which is great. Secondly, I think we're starting to really have an impact with the world's largest organizations. And we tend to highlight that by the -- both the number of customers who pay us over $100,000 in annual recurring revenue, but also we broke out at Analyst Day a month ago, how many large organizations -- or two months ago now, how many large organizations are actually using all these products. And we expanded considerably into a lot of those large organizations. It's driving really large lands and also a much larger expands. You see the dollar-based net retention number is going up at the same time, which is great. And then finally, I think there's just more target customers. As more and more people are moving off the legacy infrastructure and thinking about the modern, there's a lot more opportunity there, whether it's government agencies or other large organizations who might not have been good targets for us even 3 years ago. Everyone's going to mean -- everyone is going to be on cloud today.

Got it. I want to dig into some of those products that you mentioned. You talked about Gateways, Hooks, Workflows, all solutions that enable more seamless integration of Okta's technology within the customer. Can you talk to us about sort of what's the upsell opportunity like? What type of additional monetization can Okta see when they -- when you push in those solutions? And what's the benefit on the stickiness side of the equation? Like how does this make the Okta solution more ingrained into your customers?

Yes. Look, I'm very happy with the results that we've seen so far in the company. If, 12 years ago, I'd run into you in the street, like you said, right next to Madison Square Garden and you're walking into a Ranger game and you said, "Hey, in 12 years, you guys are going to have this company. It's going to be an $800 million run rate business. You're going to have 2,500-plus employees, 8,400 customers," I would have taken that in a heartbeat. But based on where I am right now, the last 3 years since IPO have been great and positive and a lot of great things about it. The next 3, 5, 10 are going to be way more exciting, way more interesting. Where spying is starting to get -- I mean it's still a small business compared to these TAMs. We're starting to get to the point where we can really start to branch out across the platform, and that's what you're talking about. If you look at products like Hooks or Workflows, those are great examples of how we're starting to go from a product company to a true platform company and you can tie all these things together. Companies are now starting to be able to build on top of Okta in terms of embedding our identity infrastructure right inside the core of the products, which is great. Hooks allows you to have these end-to-end, really complex environments where you can drive data in. You're a large company, you have a lot of your own data, it could be risk data, it could be customer data and you want to pump it in at the time of document -- of employee -- or customer registration or device management, you can do all those things. Workflows is another great example. Now you can really do those end-to-end workflows. It allows us to drive not only higher pricing because it goes into an advanced SKU of one of our existing products. But like we said, it's stickiness. This thing's like electricity. Once you're embedded in end-to-end Workflows, no one's ripping it out. And then finally, Access Gateway is one that I'm personally super excited about because for years now, we go, we talk to these large organizations and they say, "Oh, sorry. Love Okta. It's perfect for the cloud. Your identity cloud is amazing. But I still got to tie it in, like we just said previously, enterprise IT doesn't throw anything away. What they do is buy these things and Google them on the front. So I'm still going to have to, Frederic, unfortunately, tying your identity clouds in my on-prem legacy infrastructure because you're not going end to end. And so in the middle, I'm going to have to keep all this old, brittle software from like Ping Identity or CA Siteminder realm that I don't want to do, but I can't retire it because you're not giving me the show." And this is the problem we heard time and time again. And so what are we going to do about this? And that is the Okta Access Gateway product. And the revenues from that product, it's gone well. But as we said, since we launched it on the quarterly earnings, and it's still true today, [ the revenue's fine ], but it's the related revenues that's a lot bigger because now I can unlock those Global 2000s, they go, boom, now I can unlock the end-to-end solution, you're going to show me the road map to get rid of my Oracle or IBM legacy infrastructure over the next 2 years. And the CIO or the CTO has the credibility to turn around internally to their organization and say, look, Okta can do an end-to-end cloud, hybrid on-prem, and that's a huge driver for us. So those are some of the some of the product innovations that we get out the door, we get into the hands of customers, and I'm very proud to say customers are finding very great success with that very quickly.

Got it. Got it. I want to turn the attention -- look to consumer -- customer identity. It seems to be like, one, like you're talking about earlier, it's a big problem. It's something that's increasingly complex for the end customer, notoriously complex for your customer itself. And it seems like it's going to get worse, right? User privacy issues are ramping in terms of regulation, ramping in terms of like you really don't want to get off in the newspapers by having personal identity fall information come out. And it's getting harder for, I think, for the customer then -- your customers themselves, to understand who their user is. You can't use cookies anymore. You're not going to be able to use cookies on a going-forward basis. That's what's being phased out. It seems to me that Okta could provide an interesting solution in there, right, that they can help to solve some of these problems. Can you tell me how you guys go about that? How the Okta customer identity solution is going to help solve some of these issues for the end customer?

Yes, absolutely. By the way, your sales pitch is perfect. So if this doesn't work out, we're always looking to hire [ a new sales guy ]. Yes, I mean, look, we always believe there was a big opportunity in customer identity management. Like we said, it was a build versus buy, so it wasn't clear. You couldn't buy a report and say, like, how much are people spending on this because it was kind of weird, right? It was like, what are you going to do? You're going to call John Deere and say, "Hey, John Deere, what percentage of how many of your developers are working on customer-facing identity?" And they're like, "I don't know what you're talking about." So -- but here's the reality. The reality of it is there's a shortage of 200,000 developers in North America today. Our universities are only printing 30,000 a year. So even if there was no growth in software in the future, it would take 7 years for it to catch up to that pent-up demand. So what does that mean? That means if you're John Deere, you're FedEx, amazing companies, but they have to compete with Google or Facebook or Okta to get the best developers in the world. And they're just not going to get enough of them. At the same time, customer identity management, this is in the line of revenue. We are talking about how you accelerate your business, digital transformation, the most overused term in the world, what it really means though in this case is, how do I have a better interaction with Keith as my customer? How does he have a better experience on his mobile phone? How does he have a better experience on the website? How can I learn more about him? How can I make it more seamless for him to interact with me? I got to do that. It's in the revenue statement. If I don't do that, my competitors going to do that. So the stakes have gone up, the importance has gone up, the urgency has gone up and then at the same time, you don't have the resources to do it. And I think that's where this big opportunity is. So number one. Number 2, I would say, look, everyone has -- [ I'll take them a test ], a Fortune 8 company, great company, customer of ours. Love them. They use everything we do, but they have one workforce, which is great. So they use us end-to-end on all their workforce. We're their workforce identity standard. So if I come out with a new product, I can sell to McKesson, and they'll buy hundreds and thousands of seats of it for their employees, but they only have one workforce. They have end number of customer identity and access management opportunities, right, because they have to do end user portals for end users. They have to do physician portal. They have to do doctor portals. They ship 1/3 of all pills in America every day. They have these giant digital supply chains. They want to make sure the right people have access to it. That's like 20, 30, 40 different customer identity and access management opportunities for me to help them with. And when you think about what's going to happen in the world and you think about what just happened with the acceleration that everyone wanted with the e-commerce numbers we talked about, everyone's got to find a better way to interact with it quickly. And so the risk has gone up. And then finally, as you said, and that's why you see the numbers, even though CIAM is only 23% of our ACD mix, it's growing at almost 70% year-over-year, right? So it's smaller than our workforce business because we didn't have that side of the market 5 years ago, but it's growing really rapidly. Now if you look at, finally, what you said is the complexity and the privacy of the fact, we just put out a report yesterday around data privacy and how folks feel about it. We polled 12,000 people in 6 to 8 countries, including the United States. And basically, they're all saying, I'm super worried about -- my digital identity and privacy is super important, but they really don't understand that everyone's tracking everything they're doing all the time. Now you see when Facebook executives or Google executives or big tech executives get brought up onto the -- in Washington, D.C., and they're asked to talk about these things, it's like they're being put out there and saying they're bad stewards of data. And that's why you end up having things like CCPA in California, which is a protection of consumer information. The problem though -- and you have GDPR in Europe -- and Okta, by the way, is compliant with both. The problem though, if you're a company, you are MGM. And you have the MGM brand and the MGM Vegas and you have the M life affinity program, which is how you track Keith. I know what he spends. He would lose a lot of money. [ I help him with the buffet ], and I give him a credit card. I got to track all these things. While he's in California, I have to comply with CCPA. The problem is there's no federal standard. All the states are going to come out with their own, and they're going to be 50 of those. Now as MGM, you're like, holy smokes, how am I going to be compliant? And by the way, with the speeding tickets for messing that up are expensive. So you're like, wow, holy smokes, how am I going to comply with all these things? And at the same time, it's a mess for you, Keith, because you don't actually know who has access to what data, where your data is and who can do what. Those are huge opportunities. And so you talk about CIAM, we are working a lot on how we can enhance privacy opportunities. Imagine if I can go to MGM and say, "Hey, I'm going to give you the United States version of CCPA in a box for 50 states, point and click as a CIAM solution." People are like, "Yes, please." So we're working a lot on that. We came out with Okta Ventures last year, which is a corporate venture capital firm, a venture capital fund that also runs under my purview. We've made about half a dozen investments. A couple of those have been in data privacy, data governance, just start to get an idea of what's really going on there. But I totally agree. There is a lot that's going to happen in CIAM in the times ahead, and we're very excited to help our customers with that.

Got it. It sounds awesome. When we think about customer identity, the primary competitor is kind of do-it-yourself and developers. Who else is targeting this opportunity? Is like the ultimate competitive set, like, Facebook just wants you to use the Facebook ID and Apple wants you to use the Apple ID, and you're competing with those guys?

No. I mean, right now, it's build versus buy. So Facebook, the Facebook ID, the Google ID, we support all those integrations. That's just very simple open ID standards, so that basically, any of our customers, the M life example, you can go on the M life website, you can log in using Facebook or Google or any of that stuff. But I would also say, just the conversation we just had, are you going to entrust all of your personal data to Google or Facebook? No, because they make money on that business. We don't. We're an enterprise company. Our customers pay us. They get to use the infrastructure. We use the data in aggregate for the reports, but we make no money off the data, and we never will, okay? So that's the first thing. The second thing is when we really think about how we're going to be doing all that, there's a lot of opportunity to build the APIs and the SDKs and the libraries and the toolkits to make it super easy. Think about today, you're trying -- you're a developer, you're trying to build a bunch of stuff and you're like, okay, I need communication, I need SMS. Boom. You can think about the Twilio libraries off the shelf, plug and ready to do your thing. Okay, now I need to do payments. I want to charge Keith. Boom. I take Stripe off the shelf, I plug it right in my things. We want to do the exact same thing with identity because we just talked about how there's a massive shortage of developers, super important line of business, speed to market is everything. We want you to be able to think, "Wow, I can go to Okta. And we have a developer.okta.com. We're investing a ton in customer identity and access management, a huge opportunity for us, so that you can just pull that off, plug it in your thing, the libraries are there, the documentation is there, the relationships are there. You can see exactly how it all works. The APIs, SDKs packaged products, we're really spending a lot of time and effort and energy on that, and it's going really well. The results speak for themselves. You see what's happening with the numbers. So I think with these platform type services, we can really help our customers build faster, they can customize more easily, and frankly, they can extend across their technology investments that they've already made, which I think is very exciting.

Got it. Got it. I wanted to dig into one of the things you talked about. You mentioned MGM. And I remember seeing the press release that they're building out -- basically building out or transitioning their loyalty program to be built on Okta. It's not something I traditionally would have expected to see like built on an Okta platform. Can you help me...

Why do you got to be like that? Come on, now.

I'm looking for you to kind of help me see the light. Can you help me understand like why that makes sense? Like why MGM turns to you guys as...

Yes. MGM is -- I could explain that one, but I'm going to take one that's even easier for like everyone to understand because it's something they do every day. Whereas, if you haven't been in Vegas in a while, you probably won't for some time. So I'll take Albertsons as an example, right? Albertsons is a huge food chain. They have about 27 different banners under the Albertsons flag, Safeways, Vons, all these other stores, okay? So essentially, Albertsons a customer of ours. Before Albertsons was a customer of ours, they were in the M&A business. So they rolled up all these different things. And now Keith could be a customer of Albertsons, the brand, of Safeway and a Vons. And maybe you're at the gas station, you're using your Safeway points to get a bunch of Chevron gas for cheaper. You're doing all these things, but you have 9 different numbers across all the different things. None of them were tied together. You get no credit at Safeway that you just bought a bunch of stuff at Albertsons, and so forth and so on. And then on the back end, Albertsons doesn't know who you are. They've got Keith Weiss over here. They've got Kate Weiss over here. They've got Keith W III one, they can't make sense of it. What does that mean? They can't give you any value. They can't help you cross -- they can't help themselves cross-sell and upsell you any products and they can't say, "Wow, Keith bought these 3 things, we think he might also be interested in this one." Fast forward, Albertsons is now a customer of ours. We run all their customer identity and access management infrastructure across all the different touch points, which is on the web, on the mobile app, physically in the stores and at all the partner chains like gas stations that I just mentioned. So the experience now for you is one username -- and then I'm going to get to, by the way, a cool part of the technology we've added on with FastPass, but I'll get there. One user name for you, one password, one set of credentials, you see all your information. They can be integrated. You can use points in different way. It's your phone number if you want it to be, whatever the identifier is. Do you think I would remember your Vons number, but you know your phone number, you can use it everywhere. Boom. Now Albertsons, on the back end, has got one view of Keith. Oh, look, he's over here. Looks like he's on vacation up in the Adirondacks. But we've got some special partners up there, let me push him a bunch of stuff, and he can go shop where I want him to shop. So that's the kind of solutions where multichannel, multi-touch, all the brands, that's where our customer identity and access management is like in the future because otherwise, I don't know who you are. The cool thing that we just announced and as we roll out more and more of these platform services, and if you look at an example like what we're doing with all our devices work, we just released at Oktane20 something called FastPass, which is basically getting rid of passwords in situations where you can. So what do I mean by that? I mean by that if we have stamped your mobile device and we know it's you, and you are now at the gas station trying to get the points discount off of your Albertsons number, maybe I'm just going to say, "Oh, look, it's Keith. We stamped his device. We know it's his device and all he's trying to do is get some points," maybe you just need your username. You don't even need your password anymore. Those are the kinds of things where you can make it more significant. Look, at the end of day, if someone gets your Albertsons points, I mean, it's a bummer, but it's not the end of the world. It's a low-touch day where I want the friction to be 0 on the customer, and I want them to keep coming and be like, "Wow, that's a magical experience." Those are the kinds of things where I get -- really think that we can innovate in the times ahead and help customers considerably with their customer identity and access management opportunities.

Got it. So I wanted to -- we have a couple of minutes left. A couple of new solutions you guys talked about in Oktane. FastPass is one of them, Lifecycle Management, device platform services. Can you talk to us a little bit through the other 2, the Lifecycle Management and device platform services?

Yes, absolutely. So Lifecycle Management, definitely they're both -- I'm juiced about both of them, but Lifecycle Management is one that is about all about workflows, and people really ask us about that. That's when you can really start to have extremely valuable relationships with your customers because now it's not just about, hey, you bought a bunch of products from me. I helped you with some point of problems. Now I'm helping you with end-to-end use cases. Here's a very simple one, everyone will understand, what's known as a JML, joiner, mover, leaver. New employee comes on board, how do I make sure they have access to all this stuff? Change jobs, their entitlements should change, their access applications, maybe devices should change. They leave the company. I need to instantly deprovision them from all these publicly available Internet services that they can -- key mission-critical data, they can go home and log in on their iPad. And that use case alone is super complicated, and especially as the organizations get bigger. Now you've got HRIS-based provisioning things like Workday tools where you can drive downstream, it's the ITSM systems like ServiceNow, they can provision the laptop and send it to your home or your other applications. And then you can close the loop to make sure the demands are approved, that you actually should have Salesforce.com access. That's what you can now do with all of our Workflows stuff, which is -- it's GA now. It's point and click, no code, it's drag and drop, the demos are killer and they work even better in production. And once that stuff is glued in, it is not coming out. You see it in dollar-based net retention. You see it in the upsell and cross-sell numbers in the revenue base with advanced Lifecycle Management because Workflows is part of that. I mean that stuff is doing awesome. Then the other one you mentioned is devices, right, and a lot of the device information that we're doing. We announced at Oktane a bunch of really good partnerships with a bunch of the leading endpoint companies. So VMware Carbon Black, CrowdStrike, Tanium, they provide a lot of device risk signal information. So now I can go kind of what's the posture of the device? How does it work? And I can start to make access and authorization decisions much more quickly from more of this data that's coming into me. So here's the example. I know that Keith, he hits our normal systems Monday through Friday, from the East Coast from a bunch of standard IP ranges, no problem. All of a sudden, Keith is on one of his mobile apps -- one of his mobile devices, it looks like he's trying to hit the financial systems to 2:00 in the morning from Eastern Europe. Huh, that's suspect. And I'm getting it off of the devices. I can instantly put Keith in the penalty box, so maybe he can only access a calendar or an e-mail until Monday morning when security actually -- SecOps is going to take care of it. B, I can send a note, a bunch of notes to security. See, I can walk down a bunch of other assets that he might have access to, to make sure that nothing else happens. If you can do that in an automated manner, you're now using all that data and all those risk signals to augment what is already a very complex process to like prevent security breaches. I mean, that is like panacea for a lot of these CISOs. So the more and more we can do these things and tie those 2 things together with the Workflows, for example, on the devices, and open up the platform for other people to take advantage, I think customers really start to benefit from a lot of that.

Got it. Got it. That sounds awesome. Unfortunately, that takes us to the end of our allotted time. Thank you, Frederic, very much for joining us and walking us through this expansive opportunity ahead of Okta. For all the clients on the line, thank you for joining us, and please stay tuned. We actually have Carbon Black from VMware up next on our presentation. That's the last presentation of the day. So Frederic, once again, thank you very much for joining us. I really appreciate your time.

Thanks, Keith. I greatly appreciate it. It's great to see you. We'll talk to you soon. Take care.

Excellent. Sounds great.

Okay. Bye.