Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

1/26/2011
02:15 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

RSA Gives SMBs Enterprise-Class Alternative To Passwords

RSA Authentication Manager Express strengthens security of remote access to company data and online resources

Bedford, MA— RSA, The Security Division of EMC (NYSE: EMC) announced RSA' Authentication Manager Express, its newest strong authentication solution designed to meet the cost and convenience requirements of SMBs. The same risk-based RSA technology used to protect millions of online transactions every day and more than 250 million identities worldwide is being made available in a package that businesses of any size can use.

Today's organizations are faced with the challenges of an increasingly mobile workforce, stricter regulations, and advanced threats that target sensitive information and intellectual property. Both industry researchers and real-world security breach events have demonstrated for years that weak, password-only protection is no match for savvy cybercriminals, and no longer is considered an effective method of preventing unauthorized users from accessing company resources.

RSA Authentication Manager Express is a risk-based and on-demand authentication system designed for organizations to provide up to 2,500 end users with secure access to data and business applications through SSL Virtual Private Networks (VPNs) and online portals. The system employs an intelligent risk engine engineered to provide invisible, behind-the-scenes protection of web-based resources against unauthorized access. Users continue to employ their standard username and password. Security is stepped up when the risk engine detects abnormal behavior, requiring users to correctly answer personal challenge questions and/or enter SMS- or email-delivered one-time passcodes before access is granted.

"There has always been a need for strong authentication in small and mid-size organizations, yet adoption has been slow because most offerings have fallen short of meeting the cost and convenience needs of these customers," said Sally Hudson, Research Analyst at IDC. "Previous enterprise-class solutions have traditionally been too costly to deploy and manage for smaller organizations; cheaper alternatives lacked end-user convenience and didn't provide multi-layered protection. RSA Authentication Manager Express combines the best of RSA's expertise and innovation in enterprise and consumer authentication technology to provide the right balance of security, simplicity and features required by smaller organizations."

"Strong authentication has become a business requirement that is often mandated by regulations which apply to organizations of every size," said Tom Corn, Chief Strategy Officer for RSA, The Security Division of EMC. "Building on more than 25 years of innovation and leadership, we've engineered the RSA Authentication Manager Express solution to provide enterprise-class identity protection and security while also meeting vital ease of deployment, cost and end-user convenience requirements of SMBs. The solution also demonstrates a compelling model and vision for securing access to web-based applications and resources using smart phones and mobile devices that have become a mainstay for business end-users."

Easy Transition from Password-only to Strong Authentication

RSA Authentication Manager Express helps organizations ensure the highest confidence that only approved users are accessing data and applications without inconveniencing them. The solution offers an easy way for organizations - including those that have never deployed multi-factor authentication in their environments - to implement a stronger and more secure alternative to password-only protection within a solution that is easily installed and requires near-zero ongoing management.

Additional benefits:

* Proven technology that can be tailored to an organization's resource constraints, risk tolerance, and the profile of its users * Layered approach for added strength of security; is invisible to end-users unless authentication is outside of established policy * Nothing for end-users to manage making it ideal for employee, partner and client/customer use cases. Seamless integration with leading SSL VPNs and Web Servers requiring minimal IT resources * Audit capabilities help organizations track what users are accessing to meet changing compliance regulations; canned reports help simplify proving compliance

"By adding an authentication solution based on RSA Authentication Manager Express to our portfolio, we anticipate being able to offer even more valuable services to both existing and new customer bases," said Richard van der Graaf, Security Consultant, CISSP, at Netherlands-based Vosko Networking B.V., a member of the RSA SecurWorld Partner Program. "In particular, we expect that organizations in the public sector - such as hospitals and local governments - with relatively small user numbers and straight-forward online security requirements, will appreciate the simplicity and ease-of-use of the solution."

"Most authentication solutions are geared towards the enterprise, but this platform is appliance-based and much more accessible for mid-market organizations," Morten Ekeroth Stenfeldt, Product Manager & Team Leader, IT Security at Denmark-based Distributor SEC DataCom A/S. "Being quick and simple to deploy as well, it's a compelling offering for mid-sized businesses and we look forward to helping our resellers engage with them by providing new security solutions based on RSA Authentication Manager Express."

"RSA Authentication Manager Express is another great example of RSA innovation that will help us meet strong demand from our mid-market customers for an industry-leading strong authentication solution designed specifically for them," said Justin Mescher, CTO, Integrated Data Storage Solutions. "RSA's product is cost-competitive, implements seamlessly into almost any IT environment and is designed to be one of the easiest ways to add another layer of security to resources that require end user remote access. Coupled with an expanded set of RSA SecurWorld reseller training resources and benefits, we expect RSA Authentication Manager Express will help us drive new interest among mid-market customers that were previously hesitant to consider strong authentication solutions priced and designed for larger enterprises."

RSA Authentication Manager Express will be generally available in Q1 2011 through authorized RSA resellers and distributors. More information can be found at http://www.rsa.com/node.aspx?id=3843.

About RSA

RSA, The Security Division of EMC, is the premier provider of security, risk and compliance management solutions for business acceleration. RSA helps the world's leading organizations succeed by solving their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance, and securing virtual and cloud environments.

Combining business-critical controls in identity assurance, encryption & key management, SIEM, Data Loss Prevention and Fraud Protection with industry leading eGRC capabilities and robust consulting services, RSA brings visibility and trust to millions of user identities, the transactions that they perform and the data that is generated. For more information, please visit www.RSA.com and www.EMC.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
DevSecOps: The Answer to the Cloud Security Skills Gap
Lamont Orange, Chief Information Security Officer at Netskope,  11/15/2019
Attackers' Costs Increasing as Businesses Focus on Security
Robert Lemos, Contributing Writer,  11/15/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-19037
PUBLISHED: 2019-11-21
ext4_empty_dir in fs/ext4/namei.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because ext4_read_dirblock(inode,0,DIRENT_HTREE) can be zero.
CVE-2019-19036
PUBLISHED: 2019-11-21
btrfs_root_node in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because rcu_dereference(root->node) can be zero.
CVE-2019-19039
PUBLISHED: 2019-11-21
__btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfs_print_leaf in a certain ENOENT case, which allows local users to obtain potentially sensitive information about register values via the dmesg program.
CVE-2019-6852
PUBLISHED: 2019-11-20
A CWE-200: Information Exposure vulnerability exists in Modicon Controllers (M340 CPUs, M340 communication modules, Premium CPUs, Premium communication modules, Quantum CPUs, Quantum communication modules - see security notification for specific versions), which could cause the disclosure of FTP har...
CVE-2019-6853
PUBLISHED: 2019-11-20
A CWE-79: Failure to Preserve Web Page Structure vulnerability exists in Andover Continuum (models 9680, 5740 and 5720, bCX4040, bCX9640, 9900, 9940, 9924 and 9702) , which could enable a successful Cross-site Scripting (XSS attack) when using the products web server.