PingDataGovernance enables enterprises with fine-grained dynamic authorization controls for user-related data and APIs. Using centralized policies in a graphical policy administration layer, multiple stakeholders across your enterprise can govern access to entire customer profiles or specific attributes to meet privacy regulations, enhance security and enable new business initiatives. PingDataGovernance allows you to:
Enforce customer data-sharing consent for regulatory compliance
Protect data accessed through data stores and APIs
Enable new digital business initiatives
Centralize data access governance control
Externalize policy administration to business users instead of developers
Govern access to entire resources or individual attributes
Provide delegated resource management
PingDataGovernance gives you centralized, fine-grained control over who has access to your customer data and who can do what with your enterprise’s APIs. You can restrict access based on customer consent or simply to prevent exposure of attributes to apps that don’t require them to function. PingDataGovernance is an important addition to Ping’s customer IAM solution that will help you build trust and enable seamless and secure experiences for your customers, especially in a world that is powered more and more through APIs.
Fine-grained user data and API access controls
Externalized dynamic authorization with a graphical policy administration interface for business users
Flexible policies for regulatory compliance and enforcing user consents
Dynamic authorization based on any number of attributes, including real-time risk scores, data source lookups and more
Deployed as API security gateway or as SCIM API for data stores
Attribute-by-attribute data access governance
The ability to allow, block, filter or obfuscate unauthorized data
Out-of-the-box policy examples and templates
Delegated account administration and data access
SDKs for extensions and customizations
Supported Standards & Protocols
XACML 3.0 JSON Profile 1.1
How It Works
ADMINISTRATION INTERFACE FUNCTIONALITY
In the "Trust Framework" section of the UI, administrators can dynamically connect and define the data sources that will be used by policy, and the “Policies” section allows business users to define hierarchies of conditions and rules to evaluate data and make policy decisions.
DEPLOYMENT OPTIONS: DATA STORES AND APIs
Enterprises have the option of implementing PingDataGovernance on a directory or other data store, allowing your developers to access data by invoking a SCIM API rather than connecting directly. Alternatively, implementing PingDataGovernance at the API layer provides a way to deploy the solution as unobtrusively as possible. As an API security gateway, PingDataGovernance can be deployed as a proxy or sideband to existing API management gateways. It evaluates API requests and responses, and enforces policy decisions—all without asking your developers to make any changes at the database or microservice level.
WORKS WITH ANY STRUCTURED DATA
The fine-grained data access and response filtering in PingDataGovernance was built for out-of-the-box deployment on user data at the directory and/or API layer. But it’s not limited to user data. At the API layer, it’s capable of governing any type of user-related structured data, like healthcare records, IoT device data and banking transactions.
MANAGE DATA PRIVACY & CONSENT
Capture and enforce customer data-sharing consent
Manage data-sharing choices across channels
Enforce customizable, centralized governance policies reflecting a broad range of regulatory constraints
PROTECT DATA ACCESSED THROUGH DATA STORES AND APIS
Make an API call for customer data with client applications, while centralized policies ensure that only the appropriate data is returned
Evaluate identity attributes, entitlements and other contextual information to authorize critical actions and the retrieval of high-value data
Enable API developers to preserve how they request data
ENABLE NEW DIGITAL BUSINESS INITIATIVES
Update policies in minutes with a drag-and-drop UI, and changes don’t require your apps to modify their code
Grant access to data and/or resources based on customer purchases or other business logic
Privacy, Consent and GDPR
A look at how to architect the impossible within the most complex enterprises in the world.
Identity and the Zero Trust Model
The Security Leader's Guide to strong network security in a world of anywhere access.
Take the Next Step
See how Ping can help you stay ahead of the curve in a rapidly evolving digital world.
Thank you! Keep an eye on your inbox. We’ll be in touch soon.