One of the things we are always striving for at Ping Identity is to provide effective security with minimal user friction. Security measures that are difficult to work with can result in user resentment, and in a worse case scenario, create an environment where customers don’t want to leverage your offering. Our friends at Citrix clearly feel the same way. They have developed Citrix Analytics to detect anomalous behavior for users of Citrix Workspace and partnered with Ping Identity to further boost security with Ping’s adaptive MFA solution, PingID.
If you are interested in finding out more about Citrix Analytics you can read the Citrix blog post, but in the meantime, here is a short quote from their blog, “It is a multi-tenant solution that uses machine learning to profile all Workspace users in the customer environment. When an end user exhibits anomalous behavior, like logging in from an unusual location one fine day, Analytics flags the user.”
Contextual Authentication and Access
To improve security for their customers, Citrix sought a powerful, flexible multi-factor authentication (MFA) solution that could leverage the risk score provided by their analytics solution to invoke step-up authentication when needed during the login process. They also wanted Citrix Workspace administrators to be able to build rules to restrict access to sensitive resources if a user’s activity is deemed too risky by the Citrix Analytics engine or by the contextual policies within PingID.
Citrix partnered with Ping to provide these capabilities to their customers. PingID MFA will be used to provide step-up authentication based on output from the Citrix analytics service. Users can authenticate via phishing-resistant FIDO authentication, OTP, push notification, voice notification and more. Ping’s Authentication Authority will provide the authentication orchestration, and the integration of Citrix Analytics into the authentication flow. Finally, PingAccess policies will leverage the Citrix Analytics risk score in order to conditionally restrict access to sensitive resources by risky users.
Security and Usability
The combination of user analytics, flexible authentication options, and context-aware authorization policies give administrators the capabilities to precisely tailor the authentication and authorization experience when accessing the Citrix Workspace, to the needs of their enterprise.
Integrations and partnerships like this show how the security industry, and now the software industry as a whole, is evolving to use identity-based intelligence and contextual factors to optimize security while preserving user convenience. It’s always a win when we can keep both the security team and the customer advocates happy at the same time.