RSA, the Security Division of EMC, says that its RSA Via portfolio of identity products, and specifically RSA Via Access, is gaining momentum in the marketplace. What’s more: customers, partners, technology integrators and analysts are loudly voicing their support.
According to Jim Ducharne, vice-president of Engineering and Product Management at RSA, every security breach has an identity component. “It’s no wonder that having identities synced into cloud platforms is the number one objection to moving to an Identity-as-a-Service model, and RSA Via Access is designed to solve the problem with its hybrid-cloud approach,” he says. “Simply put, sensitive user credentials remain safely ensconced on premises, while benefiting from the efficiency and scale of an as-a-service solution.
“An on-premise Identity Router (IDR) is engineered to keep sensitive information within the organisation, where it belongs, and offers centralised management while successfully brokering authentication events from the cloud between LDAP, on-premise apps and cloud apps.”
This hybrid approach can also utilise customers’ RSA SecurID deployment, leveraging the IDR to extend their world-class token technology to support SaaS and web applications.
To help secure identities, RSA Via Access is bolstered by the full RSA Via portfolio, RSA Via Lifecycle and Governance. Together, they offer an end-to-end solution that is built to provide a single, central view of identity, resources, entitlements and access to help organisations regain control over identities and benefit from global access.
“The November 2015 hacking of the Gauteng Department of Infrastructure Development’s e-Maintenance website once again placed the growing problem of cybercrime in South Africa’s government departments in the spotlight,” says Anton Jacobsz, MD of Networks Unlimited, the company that distributes RSA solutions in southern Africa. “Fortunately, cyber security was placed at the top of state security’s 2015/2016 budget vote speech, and government is in the process of passing new legislation – the Cybercrimes and Cyber Security Bill.”
Jacobsz adds that with the increase in cybercrimes, Networks Unlimited chose to offer its southern African customers the RSA Via Access, and RSA Via Lifecycle and Governance portfolio as its provides users with the power to “know who has access to what, and the capacity to securely manage access, as well as pinpoint anomalies/unauthorised access changes.”
Ducharne points out that faced with a proliferation of SaaS applications around the organisation, many enterprises settle for quick, band-aid solutions. “As a result, they build separate identity infrastructures, or ‘islands of identity’, that create a chasm between these apps and other legacy systems. This limits visibility into – and management of – these infrastructures. Nirvana for most companies would be to manage access to all SaaS, legacy, customer applications and on-premise web apps from a central platform,” he says.
RSA Via Access helps support this, with newly introduced localisation features designed to offer portal access in a variety of languages for global scale.
“There no longer has to be a trade-off between security, convenience and cost. Many organisations think they can only optimise one of these variables at the expense of the others. Organisations really need a spectrum of authentication options. Not one size fits all. RSA’s commitment to easier and better authentication is demonstrated by our growing ecosystem of authentication methods. In addition to Apple’s TouchID fingerprint verification, Tap or Shake to Approve an authentication request, and one-time passcode prompts, users will also be able to confirm push notifications on an Apple Watch – further improving a user’s experience, and helping enable quick and secure authenticate,” says Ducharne.
The integration of RSA Via Access with RSA SecurID authentication also helps increase the number of authentication methods to cloud apps, enabling further optimisation of convenience and security. “RSA Via Access is engineered to offer a set of mobile-optimised authentication methods that deliver convenience to users combined with contextual level of authentication that provides as much strength as needed. After all, not all applications are the same,” he says.