Fine-grained Dynamic Authorization
PingDataGovernance provides policy-based, fine-grained dynamic authorization for actions and data protection. A drag-and-drop policy editor allows you to react to business changes instantly to adhere to regulatory requirements, enhance security or enable new business initiatives. It has a graphical user interface for business users to collaboratively build, test and enforce access control policies to data across user directories and APIs. It provides a centralized solution to authorize and filter API calls in real time—a huge benefit to managing and enforcing customer data privacy.
Comply with Consumer Data and Privacy Laws
Customer data breaches and unauthorized leaks continue to raise awareness and expectations around data security and consumer privacy rights. In response, data protection regulations such as GDPR, HIPAA, GLBA, CCPA, PSD2 and CDR have raised the bar for the way companies protect personal data. PingDataGovernance helps you meet these and other regulatory requirements. For example, you can require customer consent before allowing a partner to access data, or restrict an app’s access to personally identifiable information (PII) altogether. Policies can be enforced based on customer attributes like citizenship, age, or location, and you can set specific levels of customer control and insight into how their data is being accessed.
Protect Data Accessed through Data Stores and APIs
PingDataGovernance can enforce data access policies at both the data store and API layer. Acting as an API data security gateway, PingDataGovernance can sit in front or alongside existing API management gateways, evaluating API requests and responses and enforcing policy decisions. API developers don’t have to change how they request data, since policies are enforced as data flows out of the API. In either data store or API deployments, client applications can make an API call for customer data, and centralized policies will ensure that only the appropriate data is returned.
Enable New Digital Business Initiatives
The speed of the digital world requires real-time agility and insight. PingDataGovernance delivers centralized dynamic authorization policies that can evaluate identity attributes, entitlements and other contextual information to authorize critical actions and the retrieval of high-value data. For example, you can use PingDataGovernance to implement and manage a global customer rewards program that evaluates a user’s point total, geographical location and purchase volume to automatically determine the appropriate reward level. Update policies in minutes with a drag-and-drop UI, and rest easy knowing changes don’t require your apps to modify their code.
Graphical Policy Designer
PingDataGovernance gives non-technical users a drag-and-drop interface for designing policies by layering attributes in a visual policy decision tree. This easy-to-use, graphical interface can extend policy design to multiple stakeholders to make it a more collaborative effort. This includes allowing non-technical users to visually test a policy implementation based on multiple inputs like user roles, client locations, the data itself, consents and more.
Powerful Resource and Attribute Filtering
PingDataGovernance policies can be configured to allow an API call, but then filter, obfuscate or remove specific data attributes in the response. This gives you tremendous flexibility in managing fine-grained data authorization and control. PingDataGovernance also allows users to set up dynamic authorization policies that evaluate attributes of the resource itself, information about the requester, or attributes gathered from multiple external systems in real time.
Delegated Data Access
PingDataGovernance provides a centralized management solution that enables users to delegate access control of their data to customer service reps, trusted individuals, family members, third parties and others. For example, you can limit user search results to only those users a delegated administrator has the right to view. You can also enforce which specific attributes delegated administrators can view, or specific actions delegated administrators can take.
Automation in a Hybrid IT World
You can deploy PingAccess in your own datacenter or in the cloud to support hybrid IT environments, and you can realize value faster by leveraging Docker images and cloud containerization. This provides flexibility to enterprises who prefer the control and customization possible from a single-tenant implementation of PingAccess in their private cloud, instead of a multi-tenant IDaaS approach.
Want to learn how PingDataGovernance can help you reconcile countless user data security and privacy requirements?
Take the Next Step
See how Ping can help you stay ahead of the curve in a rapidly evolving digital world.
