Ping Identity

Success in digital business depends largely on meeting customers’ ever-increasing expectations of convenience and security at every touchpoint. Finding the best strategy to achieve the optimal balance between security and convenience without compromising on either is crucial, but can be challenging.

Verifying what specific applications, files, and data that a human or non-human entity has access to, is at the heart of cybersecurity in the face of increasing theft of data for espionage or other criminal purposes. Authorization, therefore, is extremely important to security, but it is also key to boosting brand trust and improving user experience. Join security experts from KuppingerCole Analysts and Ping Identity as they discuss the challenges of authorization in modern IT environments, market trends and changes, and how a modern approach to authorization can address the challenges, including how to cater for consumers and other external parties.

Osman Celik, Research Analyst at KuppingerCole will look at the business and security benefits of moving to policy-based access controls (PBAC), how this supports a Zero Trust approach to security, and how PBAC can be practical and scalable in hybrid and multi-cloud IT environments.Adam Rusbridge, Senior Product Manager at Ping Identity will highlight the main authorization use cases that are driving change in enterprise architecture teams. He/She will also share recommendations on how organizations can improve security, enhance brand trust, and deliver better user experiences.

Business success in the digital era depends on delivering seamless and secure customer experiences. Failure to do so can easily result in abandoned shopping carts, fraudulent transactions, and regulatory fines. However, delivering exceptional experiences and keeping pace with the speed of business is challenging.

Consumer Identity & Access Management (CIAM) is about managing access to customer-facing systems. While organizations have typically focused on using CIAM to collect, store, and analyze consumer data to create sales opportunities and inspire brand loyalty, other potential business benefits are being overlooked.

In a single decade, Application Programming Interfaces (APIs) have evolved from a purely technical concept into one of the foundations of modern digital business, delivering operational efficiency, scalability and profitability to companies from various industries. Nowadays, everything is API-enabled: corporate data is the product and APIs are the logistics of delivering it to customers and partners.

From May 2018 when the upcoming EU GDPR (General Data Protection Regulation) comes into force, the requirements for managing personal data will change. Companies collecting such information from their customers will have to adapt to fundamental changes both in the very definition of personal data and in technical requirements around its secure and privacy-enhanced processing, including topics like consent management, data portability and the right to be forgotten. The scope of this regulation is very broad and it affects all organizations, including global enterprises outside of the EU, that collect, hold or process personal data on EU residents. The requirements for maintaining consumers’ privacy are significantly more stringent through this new framework and the fines for compliance violations have been increased accordingly, reaching up to 4% of the company’s annual worldwide turnover. With less than 12 months to go, is your organization ready to comply with these requirements that demand better controls over how it uses and manages the personal data that it holds?

PSD2 and the Open Banking Standard are regulatory mandates being applied to the banking industry by the European Banking Authority (EBA) and Competition & Markets Authority (CMA) across Europe and in the UK respectively. The regulations require that banks operating across the region expose open APIs to allow other banks and third parties to access the data they hold on customers, when the customer has given their explicit consent. Designed to improve choice for customers, create more competition and stimulate innovation in the finance sector, the introduction of 'open banking' in the UK and across the EU will transform banking as we know it.

Many large enterprises operate with a glut of access security platforms and tools that each service a specific silo of applications and resources. Most are proprietary, and many have expensive and time-consuming agent-based architectures. In addition, because they are usually very tightly connected to the applications, it is a hard task to move them to the cloud or access them remotely. Traditional IAM systems were simply not designed to secure apps outside the corporate firewalls.

Modern access management supports secure online access from any device via one single sign-on (SSO) solution. It doesn’t matter if applications are being deployed either on-premises, in a private or in a public cloud, thanks to a centralized and federated gateway the level of control always remains the same. It also enables developers to work with latest identity standards such as OAuth and OpenID Connect in order to support identity for multiple clouds and mobile environments in various combinations. And all of this, thanks to easy integration, without companies having to alter their existing IT infrastructures.