Preempt Blog

The latest insights and advice to keep your company protected from insider threats and breaches

Ping + Preempt: Deploying Thousands of Users in a Week

Recently Preempt and Ping joined forces to help a major conglomerate move tens of thousands of employees to a work from home scenario. This enterprise had already chosen Ping to be their identity and access management (IAM) solution, (along with over sixty percent of the Fortune 100 in America).

Identity and IT teams require a close alignment if you have a major move in a short amount of time. IT Security is well aware that over eighty percent of successful attacks and breaches involve Identity, in particular service accounts and privileged users. Any changes or applications of IAM to move users to non-sanctioned equipment, or even working from home (with or without a VPN) involve increased risk to those users.

This conglomerate needed quick:

  • Unified visibility into ALL domain controllers (DC) Preempt
  • To know what their employees were accessing? Preempt
  • Step-up authentication everywhere without adding software on any endpoint PingFederate+ PingID
  • Low-friction: Can they step-up authentication ONLY when necessary? Preempt
  • Send that information about risky triggers to other systems? Preempt 

Ping as an authentication authority allows customers to add that level of step-up authentication to legacy network systems and apps, cloud apps, IaaS environments, and even mobile apps. The integration with Preempt’s sophisticated risk score analysis adds conditional risk-based authentication that was easy on the users and reduced “Type in your password again” fatigue. A risk score is based on many factors from physical location changes, new or insecure devices, accessing a new (to the credential) service, and more.

What were the results? The enterprise went from twenty thousand to over a hundred fifty thousand remote users using MFA in a week. Over two thousand apps – on premises and in the cloud, and a couple mobile – now require MFA authentication based on risk, reducing the number of times a user needs to type their password in a day. For a user experience, there was no difference logging into the domain vs apps in Azure. For IT Security people, the enhancement of visibility and security over the identity store in a complex Active Directory forest delighted them. As the customer said, “We can’t do digital transformation without getting identity right.”

If you missed the webinar, visit this Link

If you’re interested in reading more in a case study whitepaper, visit Here

Would you like to see the PingFederate integration live? We’re doing a Demo Tuesday!

Topics: Conditional Access, Ping, Remote Workforce,

Posted by Jeannie Warner on July 7, 2020 6:26 PM

Product

Brute Force Attacks: Denying the Attacker, Not the User

According tohaveIbeenpwned.com, close to 8 billion accounts have been compromised...

Read More

Developer

What State-Sponsored Attacks Can Teach Us About Conditional Access

People often think that state-sponsored attacks from groups like Lazarus...

Read More

Events

A Simplified Approach to Network Segmentation

Network segmentation has long been one of the most valuable tools for protecting ...

Read More

Research

10 Things You Need to Know About Kerberos

As our research team continues to find vulnerabilities in Microsoft that bypass all major

Read More

Product

Brute Force Attacks: Denying the Attacker, Not the User

According tohaveIbeenpwned.com, close to 8 billion accounts have been compromised...

Read More