PingID policy settings
The average employee requests access to resources and apps from many locations, networks, and devices, while threats from security attacks and vulnerabilities grow exponentially. With PingID’s policy features, you can manage the balance between security and convenience and provide employees with easy and secure access to corporate resources.
The PingID policy introduces three concepts:
- Device posture policies
-
Allows you to specify the requirements of the end user’s mobile device, such as specifying permitted or disallowed models, or banning the use of devices that are jailbroken, using an old operating system or mobile app version, or are not lock enabled.
- Device pairing policies
-
Allows you to specify the conditions under which the PingID pairing process should take place, such restricting MFA onboarding to within your company’s network.
- Authentication policies
-
Allows you to specify the conditions under which the authentication process should take place and which authentication method to use. For example:
-
It might not be necessary to require users to do multiple step up authentications if they’re already authenticated within a session and are located at the office.
-
You can apply more robust security measures if users are accessing the system from outside the office, or for the first time from a new device.
-
You can allow or restrict access based on geofences or network IP definitions.
-
If you are using PingOne DaVinci to orchestrate your PingID flows, you must include the Evaluate Policy capability in the relevant flow. |