Ping Identity simplifies legacy identity infrastructure updates with new self-service suite

Denver-based intelligent identity specialist Ping Identity has flagged the release of PingCentral, a self-service delegated administration and converged operating portal for enterprise identity and access management (IAM).

“Ping Identity is dedicated to providing implicit value to our customers through our IAM solutions, helping enterprises to achieve their digital transformation goals,” said Loren Russon, vice president, product management at Ping Identity.0 (16)

“By simplifying fundamental IAM processes and enabling non-technical business teams to manage standard administrative tasks, PingCentral helps enable organisations to save valuable time and resources while strengthening their overall security posture.”

According to the firm, the offering addresses common tasks across its Intelligent Identity platform with simple, self-service workflows and standardised templates that can be delegated to business users and application teams that don’t have IAM expertise.

“Dedicated IAM administrators often struggle to manage the high volume of requests required to keep application teams functioning. An example of this is adding a connection for an application or API, or handling minor changes like updating configurations, security certificates and more,” the company said.

“Meanwhile, business application teams generally have limited IAM knowledge and ability to make these modifications on their own. The result can be IAM changes that take up to several weeks of back and forth activities between IAM administrators and business application teams, including multiple requests, emails and meetings.”

Ping Identity said this leaves little time for identity security teams to focus on value-add activities like enhancing security posture and improving end user productivity.

Key features include:

Delegated Administration Portal: Contains a self-service, user-friendly interface and template workflow that allows IAM administrators to create, update and deploy standard templates for single sign-on (SSO) and authentication.

Orchestration Engine: Automates promotions across the application development and deployment lifecycle by maintaining configuration across environments, and allows IAM administrators to designate protected environments that require approval to reduce risk.

Central Monitoring System: Provides visibility of application connections, clients and environment tiers from a single screen, and permits IAM and business application administrators to assign and/or update resource ownership.

Lifecycle Management: Supplies an audit trail across the lifecycle of client configuration changes and promotions—so administrators always know who has done what and when to a connection and/or client—and allows for easy reversion back to previous configurations as needed.

Ping Identity names Ashley Diffey as ANZ, Japan country manager

Denver-based identity-defined security specialist Ping Identity has appointed Ashley Diffey as Country Manager for Australia, New Zealand and Japan, with a brief to continue driving increasing demand for the firm’s offerings in the region.

Based in Melbourne, Diffey will be responsible for sales, customer support and services.

Diffey joined Ping in late 2018 as APAC Channel and Alliances Manager, and over the past nine months has managed the channel partner ecosystem within the region.  His focus is on supporting the organisation’s go-to-market strategies and sales.

With two decades of sales and channel leadership experience, Diffey’s previous roles included a stint at Venn Solutions as general manager for Victoria, F5 Networks, where he managed the company’s partner relationship with Telstra and oversaw the organisation’s southern regional channel.

In addition, he served as director for channel sales Australia and New Zealand, and southern region channel sales manager at Commvault.

Ping Identity works with a range of partners across ANZ and Japan, such as Versent, NTT, Baidam Solutions, Fronde, Unify Solutions and Dimension Data. Local customers include public and private sector organisations across vertical markets, such as the Bank of New Zealand, Mortgage Choice and Griffith University.

‘End-user network access still weakest link in enterprise security’ Q&A with Centrify CEO Tom Kemp – Part II

Hey presto, as promised we present the second part of my recent conversation with Centrify CEO Tom Kemp at the firm’s head office in Santa Clara. To kick things off, Tom addressed some ways in which machine learning and artificial intelligence look set to seriously impact most organisations’ productivity as well as their security.

 

Tom Kemp A key problem that we have with security is trying to find that right balance between productivity and security. Your very first question was: ‘What can Machine Learning do?’ Machine Learning can help strike that proper balance between productivity and not putting up too many hurdles and gates for a user to jump over in the name of security.

But you still want to have security and make sure that that user is secure. I think Zero Trust, coupled with Machine Learningreally provides the path forward and Centrify wants to be seen as a leader in this new movement towards Zero Trust.

Telecom Times Excellent. Maybe building on that, I’m told that out of all cyber threats the single biggest security headache for organisations still centers very much on password access for employees and former staff members.

Given that the main threat still seems to be mostly human-driven, would you say that any strictly technological attempt to address this issue will be limited in its efficacy?

Tom Kemp Yeah, I mean look, users are the weakest link, right?

It turns out that the way that we’ve set up computers is that most access is controlled by a single thing – a password, right? The hackers have figured that out, and that’s why according to Verizon’s Data Breach Report, 80 per cent of breaches involve stolen or compromised credentials.

So, how do we move away from passwords? Well, we can’t because all our applications and all our systems are hard-coded into using passwords. But what we can do is, we can layer on multi-factor authentication, and tie multi-factor authentication into something we [already] have, which is a mobile device. I really think that MFA is going to dramatically improve the problems with stolen or compromised credentials.

Then from there, you need that intelligence to take into account and factor in the devices being used by the user, coupling that with Machine Learning by unifying the verification of the user with that of the device. Looking at access and privilege, you can provide a significantly more secure environment.                                                                                                         

We did a study with Forrester Research where people who were farther down the path of deploying Zero Trust actually found out that they got breached half as many times as people that were not implementing a Zero Trust concept.

Telcom TimesHow big a piece of the investment budget for Centrify is made up of innovation and R&D, and how will this change over the next 10 years?

Tom Kemp: Because of the significant pain point that customers are seeing with stolen and compromised credentials – and by the way, it’s not just only end-users like you and me whose usernames are being stolenit’s also the privileged accounts that an organisation has. The keys to the kingdom; the admin accounts, et cetera.

There is a reason why this identity is the top attack vector, and increasingly more and more spend is being [allocated] to address this. We see just a great market opportunity there, and almost half our R&D budget is just in new innovations.

We see a great opportunity to add a lot of value to customers and make them more secure. We’re innovating and investing in – not only the go-to-market by putting more resources outside the US – but also doubling down on our product development roadmap and really focusing on, emphasizing, and developing towards this concept of Zero Trust Security.

Telecom Times Going forward, will mergers and acquisitions be a major part of the focus in APAC markets? And if so, which are some of the added capabilities to the companies you are looking at first and foremost?

Tom Kemp Yeah, we don’t talk about potential acquisitions but we do think that we have a very robust product portfolio that doesn’t have any significant gaps to it. We’re very proud of the fact that we’ve organically built this broad platform for Zero Trust.                  

We’re not actively looking to go out and acquire, to add stuff. If something comes along that could be a good tuck-under, we’ll certainly explore that.

We’re definitely trying to go on the offence in the market in terms of taking our broad platform for Zero Trust, and selling it beyond the US, and looking to penetrate in a greater way the Asia-Pacific market, both leveraging more people in the field but also trying to leverage more channel partners as well.

Telecom Times What are your thoughts on the markets of China and IndiaDo you envisage access to those markets to become at any point inaccessible to Western companies? And if so, what might be some of the drivers for them for putting up such barriers?

Tom Kemp: Yeah, I mean we’ve done some business in both. It’s a very small percentage of our overall business. It’s something that we are just going to have to it do a little bit more exploration and [then] determine whether or not it is open for us.

We’re not there yet in terms of making the decision to really try to further penetrate either marketClearly, I think, India probably would be an easier market to enter than China, but both countries are areas of investigation for us.

Telecom Times: Watch this space?

Tom Kemp Yes.