The two companies announced a joint agreement to work towards bettering the country’s infrastructure against cyber threats.
Software company Ping Identity has announced an agreement with IT provider Carahsoft on a contract to help strengthen national cybersecurity defenses in a number of different ways. The goal of this partnership is to modernize the nation’s cybersecurity defenses with advanced identity, credential and access management (ICAM) capabilities.
“Carahsoft is the largest distributor for technology companies selling to the US Federal Government,” said Bryan Rosensteel, Ping Identity’s Federal Principal Architect. “With Ping Identity’s renewed focus in this space, Carahsoft will amplify our sales efforts by offering supporting services and benefits to partners and customers. An example is the ease of procurement and the extension of that process to all of the ways Ping Identity Solutions can be deployed, whether that is cloud-hosted, FedRAMP environment, our on-premises solutions, or our DevOps deployment options. ”
SEE: Google Chrome: Security and UI tips you need to know (TechRepublic Premium)
Under the agreement, Carahsoft’s knowledge of the government and its procurement process will push for public sector companies to consider use of Ping Identity’s ICAM solutions. The ICAM is defined by Ping as the “the set of tools, policies and systems that an agency uses to enable the right individual to access the right resource, at the right time, for the right reason.” Ping’s ICAM solutions consist of five components: federation, identity management, credential management, access management and governance.
Federation consists of the “technology, policies, standards and processes that allow an agency to accept digital identities, attributes and credentials managed by other agencies”, according to Ping’s website. Identity management assists enterprises with the process of collecting, verifying and managing attributes by providing a high performance data store for identity and profile data. Credential management allows organizations to issue, manage and revoke credentials bound to enterprise identities, while access management is simply authenticating users’ connection to certain systems. Lastly, governance is the practices and systems that guide the ICAM’s functions and activities.
“The relationship creates a more efficient experience as Carahsoft has access to more popular contract vehicles,” said Beth Drew, vice president of Global Channels at Ping Identity. “Through our relationship they can extend access to those vehicles to our reseller partners, allowing government customers greater ease in the purchasing process, and our resellers more options to provide Ping Identity solutions to the government.”
SEE: Password breach: Why pop culture and passwords don’t mix (free PDF) (TechRepublic)
As the 2021 Executive Order on Improving the Nation’s Cybersecurity stated, the US is constantly under attack from malicious cyber threats. This executive order has begun to require federal agencies to adopt best practices, making cloud migration a priority and urging investment in Zero Trust Security. The intention of this partnership is to make it more efficient for Federal customers and channel partners to work jointly through the acquisition process and expedite the integration of cybersecurity technologies and best practices.
“When we look at the expanding and evolving cybersecurity guidance and policy coming from NIST, CISA, OMB, and the White House, there are central themes to best practices and requirements for US Federal Agency ICAM implementations,” said Rosensteel. “What is interesting about Ping Identity is these aspects are within our core capabilities, and really are the DNA of what our solutions have been built around. Additionally, we can help US federal agencies take things to the next level, by providing sophisticated API monitoring around ICAM controls and requests, and take corrective action or flag anomalous behavior, without reliance on static controls and rules. More or less, Ping Identity can be the core functionality behind a modern ICAM zero trust architecture, but then provide a mechanism for bringing a trust-but-verified approach to those same systems. “