Ping Identity, a pioneer in Intelligent Identity solutions, announces its continued support for enterprises in developing a Zero Trust security infrastructure with new capabilities, practical guidance, and technology integrations. As organisations move away from a static perimeter-based security approach, they’re embracing strategies that require authentication and authorisation of every user, device, and network, as well as dynamic policies that factor in numerous risk signals, and intelligent data sources. Advanced Zero Trust Features To support organisations in their Zero Trust efforts, the Ping Intelligent Identity Platform offers: Enhanced Passwordless Authentication Capabilities: Enabled by support for the FIDO2 passwordless authentication flow, and an ‘Identifier First’ adapter, users are prompted for an identifier—such as a username—which triggers user verification via push notification, facial or fingerprint check, or another non-password authentication method. Expanded Identity Intelligence: User-behaviour based attack detection on APIs to block access if necessary, the ability to evaluate whether two authentication requests from different locations are possible in the time elapsed between them (impossible travel velocity), and IP address reputation assessment before granting access. Broadened Enterprise Coverage: Fine-grained control over who has access to user-related data to address data privacy challenges. New Technology Integrations ID DataWeb and Ping Identity partner to verify that users are who they say they are during device registration as part of step-up authentication and account recovery. “Continuous identity verification is an essential security component,” states Matt Cochran, VP of Product and Operations, ID DataWeb. “Our customers need to instantly verify three aspects of their users—who they are, their physical context and their relationships. The result is that they can drive decisions for account opening, authentication or sensitive transactions.” Establishing complete control over business data The result is a more secure mobile work experience and increased productivity" MobileIron and Ping Identity together offer greater context for device posture assessment and corresponding policy creation to allow or deny user access. “With modern work increasingly taking place on mobile devices, organisations need a solution that establishes complete control over business data and supports worker productivity,” said Brian Foster, SVP of Product Management, MobileIron. “Ping Identity provides an authentication authority, which when combined with our unified endpoint management software allows for heightened security based on a range of device attributes. The result is a more secure mobile work experience and increased productivity.” Authenticating private apps and data Zscaler’s Zero Trust Network Access (ZTNA) service, Zscaler Private Access, and Ping Identity, partner to ensure that only authorised users can view and connect to authenticated private apps and data. New integrations take this one step further, allowing IT teams to benefit from automatic termination of a user session in the event of potential security risk. “To protect the business, security must be invisible to users and omnipresent. Traditional security methods that treat users as an IP address and rely on firewall appliances hosted in a datacenter are antiquated in today’s mobile cloud-driven workplace,” says Punit Minocha, SVP of Business and Corporate Development, Zscaler. “We are happy to be working with Ping Identity to help protect enterprise data and enable cloud transformation by bringing together two Zero Trust ecosystem leaders built with user experience and scalability in mind.”
Ping Identity, global provider of identity-defined security solutions, has announced its capabilities framework and practical guidance for adopting a Zero Trust security strategy. This framework provides reliable direction to companies in any stage of the Zero Trust maturity process to help enable a broad range of use cases and technology integrations. It also includes innovative ways to support secure access to anything, by anyone, from anywhere on any device. Zero Trust security strategy The Ping Identity model provides numerous starting points for architecting Zero Trust security within the realms of strong authentication, endpoint security, network security, workload security, data security and transaction security. In addition, Ping offers guidance ranging from advising security leaders on the transition process to Zero Trust, to providing security practitioners paths to configure key Zero Trust elements, starting with strong identification and authentication. Ping has established multiple partnerships to support its Zero Trust framework In fact, Ping has established multiple partnerships to support its Zero Trust framework and continues to develop this network of technology partners to serve the security needs of enterprise digital transformation projects, such as multi-cloud deployments, secure partner access and API first initiatives. Some of the companies that Ping Identity has partnered with to establish Zero Trust include ID DataWeb, iovation, a TransUnion company, and MobileIron: “Zero Trust is all about verifying that your users are who they say they are – both upfront, and on an ongoing basis,” says Matt Cochran, VP of product & operations for ID DataWeb. “The key to adoption is taking an approach that does not sacrifice user experience by finding the right balance of strong upfront identity verification, passive environmental risk analysis and adaptive MFA challenges. Ping Identity and ID DataWeb’s combined solution allows companies to establish a strong Zero Trust foundation on top of their existing identity investments, which is key for success.” When done right, Zero Trust security can minimise both risk and friction for good customers, and that’s just what the partnership between Ping Identity and iovation accomplishes,” said Jon Karl, EVP of corporate development and co-founder at iovation. “Our joint customers have the ability to leverage thousands of attributes to accurately recognise devices and assess their trustworthiness while also watching for mismatches and high-risk activity from specific time zones, regions and IP addresses.” “Our partnership with Ping Identity allows us to augment the single-sign on experience in a mobile-friendly way that brings Zero Trust security to all devices,” said Brian Foster, SVP of product management, MobileIron. “This mitigates the risk of corporate resources being accessed from mobile and desktop devices and ensures that all devices, applications, users and networks meet compliance requirements through zero trust principles." Adopting digital transformation initiatives The company recognises that organisations embarking on digital transformation initiatives are in various stages of Zero Trust maturity. This means providing different types of secure access, each of which has a distinct set of security requirements. To learn more about the Ping Identity Zero Trust framework, listen in to several upcoming webinars and recordings: The recording of ‘How to Broaden Enterprise Security with Zero Trust Access’ shares how Zero Trust adoption can benefit security and business leaders, while providing an overview of common challenges and where to get started on a Zero Trust journey. The recording of ‘Zero Trust and Building Identity for an Open Perimeter at Netflix’ provides a concrete example and discussion of how a cloud-first company has applied principles from the Ping Identity Zero Trust model toward making identity the new security perimeter. The recording of ‘How to Architect API Security for Zero Trust’ offers deep guidance on common API vulnerabilities and ways a Zero Trust approach can fill the gaps. The June 11 webinar ‘CIAM Assessments, Blueprints and Roadmaps for Zero Trust Security’ will explore the role of identity in Zero Trust deployments and how an assessment can help enterprises understand which capabilities are required to enable secure employee, partner and customer access.