Today were releasing even more innovation and answers to IT/workforce friction with the Summer release of PingOne, our cloud-identity service, which now includes expanded password management capabilities including user self-service.
These days, password management tools utilizing password replay are an increasingly popular, well-understood consumer solution for "too many passwords." In the workplace, such a tool has some of the same advantages: end-users can leverage the tool creatively, storing their own passwords, and using it to access external services quickly and easily.
So now PingOne provides both IT-controlled authentication tools (both SAML and password replay for company-selected services), and password replay tools for end-users to set up themselves. All accessed via an employee's one, company-controlled account, providing the consistency and balance so important to IT-- and overall security.
Of course, some organizations will not want, or be able to, offer their workforce this tool. That's okay--we've added it to PingOne accounts with an "opt in" control for admins. It isn't available to their workforce until admins decide it should be.
When account admins "enable personal apps" their workforce will be greeted with a simple three-step explanatory slideshow, alerting them to the new feature and explaining how to use it. End-users are then able to toggle from the company-provided apps to a new, personal space, where they can add the apps they also want to use. They are shown the app catalog, where they can browse and search our extensive list of apps.
We've had many requests for this new "Personal Apps" feature, and we look forward to hearing how you simplified your user management, saved time and money, and improved security. And hopefully,eliminated even more of those pesky password post-its littering cubicles everywhere.
Also in this PingOne Summer release, we have added multi-factor authentication policy management, designed to work with thrid-party secondary authentication services - including our brand new PingID. This PingOne MFA policy manager supports logic for IP blocks (e.g., step-up authentication for anyone outside the building) as well as by user group. It can apply the additional authentication for all access, or for access only to select apps.
As we kick off work for the second half of the year and another release, we're excited about expanding our MFA policy editor to support complex and "layered" policy designs. We've discussed the needs for these features with customers in both the Americas and Europe. It clearly represents an area where more innovation could be very useful.
Do you have complex MFA use cases on your mind? Do you currently have, or are you pondering complex logic or "layered" solutions with IP addresses, device types, time of day, and or user groups? Which third-party secondary authentication would you want most in a cloud-based IAM solution? Are there limitations to your current tools we can help you with?
We have worked closely with our customers for years to craft our current feature set. I would welcome your input and thoughts. Feel free to drop me a note at apackard-at-pingidentity-dot-com.
See today's other Ping Identity blogs and product releases: