It's important to keep learning and improving in every phase of life. There are instances when you need to use programming languages like Java and Python, especially when integrating systems or making code changes. One significant challenge was ensuring smooth user migration during system upgrades in Ping. At my current company, based on successful authentication, I enabled secure user migration in the PingOne directory to maintain continuity in user access and minimize disruptions. Another challenge was troubleshooting and resolving issues related to PingID MFA flows, which I addressed through performance tuning, logging, and debugging.
Cyber Security Engineer at TECHMINDZ DIGITAL CONSULTING PRIVATE LIMITED
Real User
Top 20
2024-07-17T12:53:31Z
Jul 17, 2024
The application only supports specific protocols. SAML is more secure than OAuth or OIDC because OAuth and OIDC expose user ID and password. It's similar to using grant types for access and authorization in production and non-production environments. These are the areas that need improvement.
There is room for improvement in the solution, particularly in security. With the increase in phishing attacks, organizations are moving towards passwordless authentication, which is the best approach. It involves checking certificate authentication or other methods instead of relying on user-entered passwords. This is where Multi-Factor Authentication becomes crucial.
Senior IAM Platform Enigeer at Loblaw Companies Limited
Real User
Top 20
2024-07-02T14:25:01Z
Jul 2, 2024
Streamline the user interface for administrators and end-users to make configuration and daily use more intuitive. Reduces the learning curve and administrative burden, leading to better adoption and more efficient management. Optimize performance to handle high-load environments more efficiently, reducing latency and improving response times. Provide more comprehensive and user-friendly documentation, including more use cases, troubleshooting guides, and best practices.
In access token management, we have to attach a certificate. In that column, I have to enable the search option to edit certificates. We can choose a drop-down to search for which certificate we have to create, which is difficult.
They could enhance the product's device tracking for better zero-trust security would be beneficial. Currently, it tracks IPs well but lacks detailed device information, which is crucial from a security standpoint. Setting up applications and configuring policies can be complex, requiring meticulous planning and manual configurations.
It requires some expertise to set up and manage. Also, having dedicated support is helpful. It's not something anyone can just set up and run without assistance – ideally, a team using PingFederate should have at least one or two people with in-depth knowledge of the product.
IDENTITY DEFINED SECURITY PLATFORM delivers a unified, standards-based platform that can be deployed as SaaS, software or both and can scale to handle millions of identities. From multi-factor authentication and single sign-on to access security, directory and data governance, our capabilities work together to give employees, partners and customers secure access to cloud, mobile and enterprise applications, securing and streamlined everything from sign-on to sign-off and everywhere in between.
It's important to keep learning and improving in every phase of life. There are instances when you need to use programming languages like Java and Python, especially when integrating systems or making code changes. One significant challenge was ensuring smooth user migration during system upgrades in Ping. At my current company, based on successful authentication, I enabled secure user migration in the PingOne directory to maintain continuity in user access and minimize disruptions. Another challenge was troubleshooting and resolving issues related to PingID MFA flows, which I addressed through performance tuning, logging, and debugging.
The application only supports specific protocols. SAML is more secure than OAuth or OIDC because OAuth and OIDC expose user ID and password. It's similar to using grant types for access and authorization in production and non-production environments. These are the areas that need improvement.
There is room for improvement in the solution, particularly in security. With the increase in phishing attacks, organizations are moving towards passwordless authentication, which is the best approach. It involves checking certificate authentication or other methods instead of relying on user-entered passwords. This is where Multi-Factor Authentication becomes crucial.
Streamline the user interface for administrators and end-users to make configuration and daily use more intuitive. Reduces the learning curve and administrative burden, leading to better adoption and more efficient management. Optimize performance to handle high-load environments more efficiently, reducing latency and improving response times. Provide more comprehensive and user-friendly documentation, including more use cases, troubleshooting guides, and best practices.
In access token management, we have to attach a certificate. In that column, I have to enable the search option to edit certificates. We can choose a drop-down to search for which certificate we have to create, which is difficult.
They could enhance the product's device tracking for better zero-trust security would be beneficial. Currently, it tracks IPs well but lacks detailed device information, which is crucial from a security standpoint. Setting up applications and configuring policies can be complex, requiring meticulous planning and manual configurations.
It requires some expertise to set up and manage. Also, having dedicated support is helpful. It's not something anyone can just set up and run without assistance – ideally, a team using PingFederate should have at least one or two people with in-depth knowledge of the product.
Ping Identity Platform must improve its UI since its management console is complicated.
The management console needs to be improved. PingID should revise it.
The product is not customizable. It is not suitable for consumer identity management.
The initial setup appears to be difficult in the beginning.