Johannesburg, 05 Sep 2016
RSA, the security division of EMC, has announced new, innovative identity assurance and identity governance capabilities in RSA Via, designed to help organisations effectively balance security and user convenience as they assure identities and better govern and manage privileged access. New authentication choices in RSA Via Access are built to match the right levels of assurance to what a user is accessing. New RSA Via Lifecycle and Governance capabilities are engineered to provide greater visibility into access of privileged systems to help defend against targeted attacks. This powerful combination offers customers more effective choices for identity assurance and the ability to more effectively manage risk.
"These new capabilities are now available to our African customers," continues Anton Jacobsz, MD of value-added reseller, Networks Unlimited, "who are certain to appreciate the emphasis on user convenience and the identification of various levels of risk with appropriate levels of assurance."
Balancing security and convenience
To guard against advanced threats, organisations need to better align system access risk and appropriate levels of identity assurance. RSA Via Access is engineered to now automatically align authentication methods to an access request's risk level by allowing administrators to prescribe identity assurance requirements and flexible step-up authentication policies based on security requirements. For example, access to an organisation's most important assets might require RSA SecurID authenticators or biometric authentication methods, while less critical assets require a less strong level of assurance. RSA Via Access is engineered to allow security admins to choose which assurance level is needed for various access scenarios based on contextual attributes like location and device used, to help ensure security is not compromised.
Organisations also need to balance the needs of security with user convenience. RSA Via Access takes choice to the next level, as organisations can now offer an even greater variety of authentication methods commensurate to the sensitivity of the application. By delivering a variety of authentication mechanisms, users are able to prove their identity in ways that are most convenient to them as opposed to a "one-size-fits-all" approach.
In addition to TouchID fingerprint verification and tap or shake authentication, RSA Via Access is designed to now include additional biometric capabilities through the integration of Eyeprint ID, a biometrics technology powered by EyeVerify. This new technology is engineered to use the unique pattern of eye veins and other micro features to authenticate a user by confirming a known biometric print with a trusted device. The RSA Via Access server is also now FIDO Certified, and can support devices that leverage the FIDO U2F standard, offering organisations and users additional authentication methods and convenience.
Governing and administering risk of privileged access
Administrators with privileged access own the keys to an organisation's most sensitive information assets and critical systems. RSA Via Lifecycle and Governance's powerful attestation capabilities and other features help organisations systematically govern and manage the access of these privileged users across the identity lifecycle. RSA Via Lifecycle and Governance is now designed to be interoperable with the CyberArk Privileged Account Security Solution, providing necessary visibility into and governance over privileged access. Additionally, RSA Via Lifecycle and Governance is engineered to support provisioning to privileged accounts managing the lifecycle of a user's privileges as an employee joins, leaves, or changes roles within an organisation.
RSA provides more than 30 000 customers around the world with the essential security capabilities to protect their most valuable assets from cyber threats. With RSA's award-winning products, organisations effectively detect, investigate, and respond to advanced attacks; confirm and manage identities; and ultimately, reduce IP theft, fraud, and cybercrime. For more information, go to www.rsa.com.
Share