RiskTech Forum

RSA Expands its Technology Ecosystem for Authentication

Posted: 1 December 2017  |  Source: RSA

RSA®, a global cybersecurity leader delivering Business-Driven Security™ solutions, is expanding its technology ecosystem to make strong authentication more continuous, proactive, and pervasive. Offering seamless interoperability with the CyberArk Privileged Account Security Solution, Microsoft Windows Hello, Palo Alto Networks Next-Generation Firewall, and VMware Workspace ONE, RSA enables organizations to quickly and easily leverage the broad set of modern mobile authentication methods from the RSA SecurID® Access solution.

As organizations migrate to cloud, mobile, and IoT platforms, their attack surfaces expand, all while cyber threats accelerate exponentially. With applications and devices moving outside the physical boundaries of corporate headquarters, identity has emerged as the new perimeter to borderless networks, and a preferred attack vector used by adversaries to breach systems and exfiltrate sensitive data. As a result, validating that users are who they claim to be by requiring multi-factor authentication (MFA) has become a foundational security best practice.

“Many organizations struggle with the inherent identity risk posed by running hybrid environments consisting of many on-premises resources, dozens of SaaS applications, and multiple cloud service platforms – all with their own unique accounts and credentials,” said James Ducharme, vice president, Identity Products, RSA. “Together, RSA and its technology partners can bridge these islands of identity and enable organizations to achieve ROI from their security investments and deliver a modern approach to authentication that is more continuous, proactive and pervasive, all while making it a more integral part of network and application security.”

Through the RSA Ready program, RSA works with more than 400 technology partners to build an ecosystem of cloud, web, on-premises, and mobile solutions that seamlessly implement multi-factor authentication. This ecosystem enables organizations to quickly and easily leverage the broad set of modern authentication methods from the RSA SecurID Access product, including mobile push, along with machine-learning analytics and its advanced policy engine for complete visibility and control over who has access to what.

RSA is announcing interoperability between the following technologies:

CyberArk Privileged Account Security Solution and RSA SecurID Access Software interoperability: By combining the market-leading CyberArk Privileged Account Security Solution, which discovers accounts, rotates passwords and monitors usage to provide visibility and accountability over privileged activity, with the RSA SecurID Access product, organizations benefit from the most widely-deployed multi-factor authentication solution designed to ensure that only authorized users are accessing privileged accounts. Customers can easily use their existing RSA SecurID Access deployments to protect access to their CyberArk Privileged Account Security Solution. For organizations moving to the cloud, this joint solution can be extended to protect privileged access to SaaS applications and administrative consoles for cloud service providers and DevOps tools.

RSA SecurID Access software proximity authentication for Microsoft’s Windows Hello: By interoperating with the native Hello framework within Windows 10, the RSA SecurID Access product enables organizations to use the proximity of a user’s Android or iOS smartphone as an authentication factor for determining secure Windows access. Once the RSA SecurID Authenticate and RSA SecurID for Windows Hello applications are paired together over an encrypted Bluetooth channel, users can use the proximity of their mobile devices to unlock and lock their Windows 10 machines. With this new capability combined with RSA SecurID Access interoperability with Azure Active Directory for SaaS applications including Office 365, organizations can deliver a consistent authentication experience, from the desktop to the cloud.

The Palo Alto Networks Next-Generation Firewall and RSA SecurID Access software interoperability: When attackers steal legitimate credentials, they can blend in with normal users and move laterally across the network while evading detection. RSA and Palo Alto Networks have collaborated to help prevent the use of stolen credentials through an interoperability of RSA SecurID Access and Palo Alto Networks Next-Generation Firewall to enforce multi-factor authentication at the network level before granting access to sensitive resources. This interoperability enables organizations to implement multi-factor authentication for all sensitive web-based or thick-client applications without requiring any application changes, including those that don’t support standard authentication protocols. This helps eliminate the cost, complexity and time associated with custom development. Enforcing strong authentication at the network layer further reduces the attack surface, providing organizations with greater visibility and security.

VMware Workspace ONE and RSA SecurID Access product interoperability: Workspace ONE provides users with access to their digital workspaces, giving them a common, single sign-on experience across all cloud, mobile, on-premises and virtual applications. The interoperability between RSA SecurID Access software and Workspace ONE gives IT a broad set of modern multi-factor authentication options designed to confirm users are who they claim to be. Organizations can use these options, including mobile push to approve or machine learning analytics, individually or in combination to have the level of appropriate security for the level of risk. This can make it easier for organizations to implement security they need, while also providing the convenient app access users want.

“To respond to the growing number of security attack vectors across the digital workspace, we have built Workspace ONE as an industry-leading core platform for a modern security architecture that bridges critical security technologies through open application programming interfaces (APIs),” said Ashish Jain, vice president of product management, End-User Computing, VMware. “VMware and RSA plan to continue to work to deliver secure yet simplified access to applications at any time, from anywhere, on any device.”