RSA Transforms Enterprise Authentication With Big Data-Driven Risk Analytics

As today’s IT infrastructures become more fragmented across cloud-based applications and mobile devices, enterprise network boundaries are all but disappearing. At the same time, the ‘consumerisation’ of IT means that even enterprise users demand simple, transparent access to applications and information, no matter which device they choose to use. Organisations confront unprecedented identity risk arising from these key technology disruptions, and the task of creating and maintaining trusted relationships is becoming more difficult than ever. Addressing these challenges, RSA, The Security Division of EMC, has announced the upcoming release of RSA Authentication Manager 8, the next-generation access control solution engineered to combine both strong one-time password technology and risk-based authentication to secure access to sensitive data and resources in the enterprise and the cloud.

RSA Authentication Manager 8 is engineered to use a risk-based approach to evaluate and assure user identities transparently. User login processes are fast, familiar and simple while RSA’s self-learning Risk Engine conducts authentication checks in the background against a number of unique risk factors to help assure the security of every user session.

Leveraging Big Data analytics, RSA Authentication Manager 8 is designed to provide deeper visibility into access control risk by building rich user profiles based on both device and behavioral characteristics to detect and permit normal behavior and challenge or block anomalous activity. By providing automated access control measures that leverage dozens of unique risk factors, RSA Authentication Manager 8 is engineered to provide secure access control that goes well beyond stand-alone two- and multi-factor authentication methods helping to give organisations a higher level of identity assurance without compromising user convenience or productivity. With the potential to employ more than 100 risk factors in near-infinite combinations, organisations are better equipped to evaluate trust and risk based on user activity and can establish an acceptable level of authentication assurance based on individual risk tolerance.

RSA Authentication Manager takes an intelligence-driven security approach to detect unauthorised access and anomalous activity while the self-learning risk engine protects against current, emerging and future advanced threats. The built-in features, including an enhanced administrator user dashboard and self-service portal, are designed to help both minimise help desk calls and enable IT teams to do more with less by addressing many of the most time-consuming and costly tasks of managing a traditional enterprise authentication deployment. In addition, RSA Authentication Manager 8 includes secure software token provisioning, ensuring that sensitive token or user information can be created dynamically and without having to be sent over the Internet.

Risk-based authentication can be deployed alongside RSA SecurID hardware, software and on-demand authenticators. Use cases can be expanded to cover applications and users including temporary employees, contractors and partners that were previously viewed as too cost-prohibitive to cover using strong authentication. It increases security transparently without compromising user convenience by preserving the traditional logon experience of username/password and conducts risk assessments invisibly in the background.

Additionally, RSA Authentication Manager 8 will be available as a VMware Virtual Appliance which can help organisations leverage the potential of their virtual environments by streamlining deployment, administration and on-going system management.

RSA Authentication Manager 8 is the cornerstone of the RSA Adaptive Identity & Access Management Portfolio. It leverages the same risk engine technology found in RSA Adaptive Authentication, which today protects more than 350 million consumer identities, and combines it with the power of RSA SecurID technology to provide a solution both flexible and strong enough to meet the diverse needs of any enterprise. When combined with RSA Access Manager and RSA’s federated solutions, RSA Authentication Manager is engineered to support the broadest range of enterprise use cases and cloud applications.

Manoj Nair, Senior Vice President and General Manager, RSA Identity & Data Protection, said, “As the enterprise perimeter continues to disappear and the threat landscape continues to change, so must our approach to authentication. Today, only 20 percent of enterprises deploy some form of strong authentication for their users – leaving the other 80 percent at risk. Our goal with RSA Authentication Manager 8 is to turn what is fundamentally a Big Data problem into a cost-effective and seamless solution that can help protect 100 percent of users. By leveraging a Big Data Risk Analytics approach, we are taking the next step towards creating an “infinite factor” system where nearly any element, device attribute or behavior can be part of the equation to calculate risk and authenticity of a user while making it simpler and more effective for the end user.”