The average employee requests access to resources and apps from many locations, networks, and devices, while threats from security attacks and vulnerabilities grow exponentially. With PingID's policy features, you can manage the balance between security and convenience and provide employees with easy and secure access to corporate resources.
The PingID policy introduces three concepts:
- Device posture policies
- Allows you to specify the requirements of the end user's mobile device, such as specifying permitted or disallowed models, or banning the use of devices that are jailbroken, using an old operating system or mobile app version, or are not lock enabled.
- Device pairing policies
- Allows you to specify the conditions under which the PingID pairing process should take place, such restricting MFA onboarding to within your company’s network.
- Authentication policies
- Allows you to specify the conditions under which the authentication process should
take place and which authentication method to use. For example:
- It might not be necessary to require users to do multiple step up authentications if they’re already authenticated within a session and are located at the office.
- You can apply more robust security measures if users are accessing the system from outside the office, or for the first time from a new device.
- You can allow or restrict access based on geofences or network IP definitions.
Note: If you are using PingOne
DaVinci to orchestrate your
PingID flows, you must include the
Evaluate Policy capability in the relevant flow.