FINE-GRAINED DATA ACCESS GOVERNANCE
PingDataGovernance provides policy-based, fine-grained access controls for attribute-by-attribute data protection and filtering for regulatory compliance and consent management. It has a graphical user interface for business users to collaboratively build, test and enforce access control policies to data across user directories and APIs. It provides a centralized solution to authorize and filter API calls in real time—a huge benefit to managing and enforcing customer data privacy.
COMPLY WITH CONSUMER DATA AND PRIVACY LAWS
Customer data breaches and unauthorized leaks continue to raise awareness and expectations around data security and consumer privacy rights. In response, data protection regulations such as GDPR, HIPAA, GLBA, CCPA, PSD2 and CDR have raised the bar for the way companies protect personal data. PingDataGovernance helps you meet these and other regulatory requirements. For example, you can require customer consent before allowing a partner to access data, or restrict an app’s access to personally identifiable information (PII) altogether. Policies can be enforced based on customer attributes like citizenship, age, or location, and you can set specific levels of customer control and insight into how their data is being accessed.
PROTECT DATA ACCESSED THROUGH DATA STORES AND APIs
PingDataGovernance can enforce data access policies at both the data store and API layer. Acting as an API data security gateway, PingDataGovernance can sit in front or alongside existing API management gateways, evaluating API requests and responses and enforcing policy decisions. API developers don’t have to change how they request data, since policies are enforced as data flows out of the API. In either data store or API deployments, client applications can make an API call for customer data, and centralized policies will ensure that only the appropriate data is returned.
GRAPHICAL POLICY DESIGNER
PingDataGovernance gives non-technical users a drag-and-drop interface for designing policies by layering attributes in a visual policy decision tree. This easy to use, graphical interface can extend policy design to multiple stakeholders to make it a more collaborative effort. This includes allowing non-technical users to visually test a policy implementation based on multiple inputs like user roles, client locations, the data itself, consents and more.
POWERFUL RESOURCE AND ATTRIBUTE FILTERING
PingDataGovernance policies can be configured to allow an API call, but then filter, obfuscate, or remove specific data attributes in the response. This gives you tremendous flexibility in managing fine-grained data authorization and control. PingDataGovernance also allows users to set up dynamic authorization policies that evaluate attributes of the resource itself, information about the requester, or attributes gathered from multiple external systems in real time.
ENFORCE CONSENTS
Customers are seeking greater control over how their data is used and shared. If you are going to capture customer privacy and consent preferences, you need a systematic way to enforce them. PingDataGovernance provides centralized way to enforce consent and granular data privacy preferences—an important capability for regulatory compliance as well as implementation of a Zero Trust data security posture. Now you can easily provide customers with a say in who can view and edit their data, and how it can be used.
DELEGATED DATA ACCESS
PingDataGovernance provides a centralized management solution that enables users to delegate access control of their data to customer service reps, trusted individuals, family members, third parties and others. For example, you can limit user search results to only those users a delegated administrator has the right to view. You can also enforce which specific attributes delegated administrators can view, or specific actions delegated administrators can take.
Want to see how PingDataGovernance can help you reconcile countless user data security and privacy requirements?