Ping Identity, global provider of identity-defined security solutions, has announced its capabilities framework and practical guidance for adopting a Zero Trust security strategy. This framework provides reliable direction to companies in any stage of the Zero Trust maturity process to help enable a broad range of use cases and technology integrations. It also includes innovative ways to support secure access to anything, by anyone, from anywhere on any device.

Zero Trust security strategy

The Ping Identity model provides numerous starting points for architecting Zero Trust security within the realms of strong authentication, endpoint security, network security, workload security, data security and transaction security. In addition, Ping offers guidance ranging from advising security leaders on the transition process to Zero Trust, to providing security practitioners paths to configure key Zero Trust elements, starting with strong identification and authentication. Ping has established multiple partnerships to support its Zero Trust framework

In fact, Ping has established multiple partnerships to support its Zero Trust framework and continues to develop this network of technology partners to serve the security needs of enterprise digital transformation projects, such as multi-cloud deployments, secure partner access and API first initiatives. Some of the companies that Ping Identity has partnered with to establish Zero Trust include ID DataWeb, iovation, a TransUnion company, and MobileIron:

  • Zero Trust is all about verifying that your users are who they say they are – both upfront, and on an ongoing basis,” says Matt Cochran, VP of product & operations for ID DataWeb. “The key to adoption is taking an approach that does not sacrifice user experience by finding the right balance of strong upfront identity verification, passive environmental risk analysis and adaptive MFA challenges. Ping Identity and ID DataWeb’s combined solution allows companies to establish a strong Zero Trust foundation on top of their existing identity investments, which is key for success.
  • When done right, Zero Trust security can minimise both risk and friction for good customers, and that’s just what the partnership between Ping Identity and iovation accomplishes,” said Jon Karl, EVP of corporate development and co-founder at iovation. “Our joint customers have the ability to leverage thousands of attributes to accurately recognise devices and assess their trustworthiness while also watching for mismatches and high-risk activity from specific time zones, regions and IP addresses.
  • Our partnership with Ping Identity allows us to augment the single-sign on experience in a mobile-friendly way that brings Zero Trust security to all devices,” said Brian Foster, SVP of product management, MobileIron. “This mitigates the risk of corporate resources being accessed from mobile and desktop devices and ensures that all devices, applications, users and networks meet compliance requirements through zero trust principles."

Adopting digital transformation initiatives 

The company recognises that organisations embarking on digital transformation initiatives are in various stages of Zero Trust maturity. This means providing different types of secure access, each of which has a distinct set of security requirements. To learn more about the Ping Identity Zero Trust framework, listen in to several upcoming webinars and recordings:

  • The recording of ‘How to Broaden Enterprise Security with Zero Trust Access’ shares how Zero Trust adoption can benefit security and business leaders, while providing an overview of common challenges and where to get started on a Zero Trust journey.
  • The recording of ‘Zero Trust and Building Identity for an Open Perimeter at Netflix’ provides a concrete example and discussion of how a cloud-first company has applied principles from the Ping Identity Zero Trust model toward making identity the new security perimeter.
  • The recording of ‘How to Architect API Security for Zero Trust’ offers deep guidance on common API vulnerabilities and ways a Zero Trust approach can fill the gaps.
  • The June 11 webinar ‘CIAM Assessments, Blueprints and Roadmaps for Zero Trust Security’ will explore the role of identity in Zero Trust deployments and how an assessment can help enterprises understand which capabilities are required to enable secure employee, partner and customer access.
Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version

In case you missed it

What is the biggest change in the security industry since 2010?
What is the biggest change in the security industry since 2010?

Ten years is a long time, but it seems to pass in an instant in the world of security. In terms of technology, 2010 is ages ago. Changes in the market have been transformative during that decade, and we called on our Expert Panel Roundtable to highlight some of those changes. We asked this week’s panelists: What was the biggest change in the security industry in the 2010-2019 decade?  

SIA composing code of conduct for U.K. private security, seeking comments
SIA composing code of conduct for U.K. private security, seeking comments

The Private Security Industry Act of 2001 gives the Security Industry Authority (SIA) the function of setting standards of conduct in the United Kingdom’s private security industry. Time is winding down to provide input during the SIA’s six-week consultation on a new draft code of conduct for SIA licence holders and applicants for SIA licences. The authority is inviting the industry, licence holders, and anyone with an interest in private security to have their say on the draft code of conduct by taking part in a survey. The consultation will end on 23 February.   “The ethos of the code of conduct is that it will improve standards and public safety by setting out the standards of conduct and behaviour we expect people to uphold if they are entrusted with protecting the public, premises and property,” says Ian Todd, Chief Executive, Security Industry Authority (SIA). Security's Code of Conduct A code of conduct sets out what standards of behaviour professionals have to meet in order to work in the profession In security as in many professions, a code of conduct sets out what standards of behaviour professionals have to meet in order to work in the profession. SIA is suggesting Six Commitments of behaviour that will apply to all licensed security operatives and to applicants. If the code of conduct is sanctioned by the U.K. Home Office, it would become mandatory and incorporated into SIA’s licensing criteria Get Licensed. A commitment to certain standards of behaviour is fundamental to what it means to be fit and proper, and to being part of a profession. The six commitments are: Act with honesty and integrity Be trustworthy Protect the people and property you are entrusted to protect Be professional at work Act with fairness and impartiality at work Be accountable for your decisions and actions “We will review the comments from the consultation once it concludes on 23 February, analyse the results and publish a report on our findings,” says Todd. “The SIA will then use the comments it has received to write a final version of the code of conduct. The introduction of a code of conduct will be subject to final approval by Home Office Ministers.” SIA’s current Standards of Behaviour provide guidance on professional behaviour but are not mandatory. The draft code of conduct builds on the Standards of Behaviour. Upholding SIA's Standards The SIA’s Partnership and Interventions team is the unit that enforces the Private Security Industry Act “The majority of licence holders uphold the standards of behaviour that the SIA, their employers and the public expect of them,” says Todd. “Their professionalism and dedication keep the public safe and tackle crime. However, there are incidents in which some licence holders do not behave in this way. This minority lower the standard of service the public receives, harm public safety, and bring themselves and the rest of the private security industry into disrepute.” The SIA’s Partnership and Interventions team is the unit that enforces the Private Security Industry Act. It is likely that they will be required to enforce the code of conduct should it become mandatory. The draft code of conduct is currently out for consultation and the proposal has been shared widely to licence holders, private security businesses, and enforcement partners encouraging them all to take part. “Once the consultation has concluded, we will analyse the findings from the feedback, produce a report and publish it on our website and share this widely via social media,” says Todd.

Satisfaction criteria differ for DIY vs. pro-install companies, says J.D. Power
Satisfaction criteria differ for DIY vs. pro-install companies, says J.D. Power

J.D. Power is a well-known name when it comes to measuring customer satisfaction, and they have been measuring satisfaction in the home security industry since 2016. Changes affecting the marketplace – both in terms of disruptors and technology – make this a unique time. For example, in 2019, J.D. Power expanded the Home Security Satisfaction Study to not only measure the traditional pro-install/pro-monitor companies, but to separately evaluate self-install/pro-monitor brands.  “At J.D. Power our rankings are meant to support an industry in two key ways,” says Christina Cooley, J.D. Power's Director, @Home Intelligence. “First, we provide consumers who are shopping for products and services with a ‘report card’ of who provides customers with high levels of customer satisfaction. Second, we provide companies with actionable insights to help them prioritise their initiatives to improve and maintain high levels of customers satisfaction that drive loyalty and growth.” Differentiating between companies The traditional Pro-Install/Pro-Monitor companies are challenged to differentiate from one another In home security, J.D. Power is in a unique position to report on the changes taking place in the evolving industry. The 2019 rankings show that the traditional Pro-Install/Pro-Monitor companies are challenged to differentiate from one another, as each have their individual strengths and opportunities, but overall the score range is relatively tight. On the do-it-yourself (DIY) side, there is more differentiation. A set of brands has been able to challenge the traditional industry by achieving extremely high customer satisfaction levels. Price is always an important factor that impacts customer satisfaction, whether for security or another market J.D. Power serves. The equation is simple, says Cooley: does the price paid equal the value the customer feels they have received from the product or service? “For Home Security, we didn’t specifically look at price until this year,” says Cooley. “With the changes that have occurred in the market, price can be a differentiator as we’ve seen with the emergence of DIY-installed systems. However, lower pricing does not have a direct relationship to quality of service.” The price factor For example, there are some higher-priced pro-installed brands that perform lower on customer satisfaction than lower-priced competitors. And DIY-installed systems as a whole are less expensive, and price is the customer satisfaction driver in which the DIY segment most outperforms the pro segment. Price is the customer satisfaction driver in which the DIY segment most outperforms the pro segment The equation is: performance minus Expectations equals Customer Satisfaction. “Obviously, price point will be a factor in the purchase decision and the expectations the customer has about the product and service,” says Cooley. “Any pro or DIY system has the opportunity to differentiate the customer experience regardless of price point.” There are clear differences in the pro vs. DIY experience, which is why J.D. Power evaluates the brands in separate rankings. However, Cooley says the drivers of satisfaction are consistent across both groups. The key to each group goes back to the equation above.  Evaluating the purchase process For the both pro and DIY companies, J.D. Power evaluates the purchase process the same. Though the customer may take a different path to purchase based on the offering they seek, the drivers are still the same: Usefulness of information provided Reasonableness of contract terms Professionalism of sales representative Ease of purchasing home security system. For installation, there are clear differences. DIY systems are evaluated based on: Ease of completing installation Quality of installation instructions provided Timeliness of receiving home security system. Pro systems are evaluated based on: Professionalism of technician Timeliness of completing installation Quality of work performed. Interestingly, purchase and installation are the customer satisfaction driver where both pro and DIY providers (as a whole) are most closely aligned on performance. Customer loyalty The price a customer is paying must align with the quality of the system they receive What drives a customer to purchase a home security system initially will often be very different than what will keep them as a loyal customer, Cooley notes. The price a customer is paying must align with the quality of the system they receive, and the service provided through the professional monitoring and customer service. “With the expansion of home security offerings, it’s more important than ever for home security companies to understand the motivations, intentions, and usage patterns across different customer segments to ensure that regardless of the decision to go pro or DIY-install, they are able to meet their customers’ needs and differentiate in the very competitive market. The J.D. Power Home Security Study provides these actionable insights.” The study is focused on the companies/brands that comprise the top two-thirds of market share in each segment, pro and DIY installed. A number of the brands included may work with local dealers or retailers for sales and install, but the customer is essentially evaluating those services as part of the system purchased. It is one and the same from the customer’s perspective, and the sales/install process can either delight or frustrate a customer from the beginning, which can then set the foundation for the entire experience moving forward. Reasons for shopping for a security system tend to differ between pro and DIY shoppers: Both sets are most focused on wanting a newer, more up-to-date system Between the two, pro customers are more often moving into a new home or wanting to take advantage of a discount or bundling opportunity with other products For DIY customers, they are shopping for a system to give them more peace of mind and to protect their property. Reasons for selecting the provider also vary: A pro company is often selected based on brand reputation or a special offer/promo A DIY company is primarily chosen based on price or a positive review. In terms of brand image, we see that customers see both pro and DIY providers similarly in terms of reliability. However, when it comes to being customer-driven, DIY providers receive higher image ratings compared to pro-installed companies.