Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile

2/28/2012
09:21 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

RSA Collaborates With Mobile Technology Partners To Help Assure Trust For Mobile Business

Companies integrating RSA mobile authentication into virtual desktop, virtual application, and VPN solutions

Click here for more articles.

RSA' CONFERENCE – SAN FRANCISCO– February 28, 2012

News Summary:

Developers and providers of next-generation mobile platforms and applications – including Appcelerator, Citrix, FeedHenry, Good Technology, Juniper Networks, VMware and Zscaler – are collaborating with EMC’s RSA security division to implement strong authentication technology optimized for a variety of mobile use cases Working through the Secured by RSA' Certified Mobile Partner program, technology partners are integrating RSA mobile authentication technologies into applications to enable a simplified yet secure mobile user experience RSA mobile authentication technology integrates RSA SecurID' technology and the RSA' Adaptive Authentication solution optimized for mobile applications for leading device platforms including Apple' iOS, Google Android™, and RIM Blackberry' devices

Full Story: Leading-edge mobile technology providers and developers are collaborating with RSA, The Security Division of EMC (NYSE: EMC) to build additional layers of security and access control into next-generation mobile solutions by integrating RSA mobile authentication technology into their products. RSA mobile authentication technology is designed to enable innovative mobile use cases that incorporate strong security without sacrificing usability.

The rapid adoption of smart phones and tablets among consumers and employees has ushered in a new set of security and data privacy challenges for organizations. For application access, these challenges are divided into two core categories: the first is remote access to a corporate network from a mobile device and the second is ensuring trusted access to an explosion of new applications purpose-built for mobile platforms. Security and access control is a paramount concern in each of these scenarios and is being uniquely addressed with innovative new implementations of RSA authentication technologies that leverage the special attributes of mobile platforms to help authenticate mobile devices and their users.

Working in collaboration with RSA, mobile technology providers are integrating RSA mobile authentication into virtual desktop, virtual application, and VPN solutions in order to secure access to traditional network environments. Additionally, a number of developers in mobile application management and device management tools are integrating RSA mobile authentication technology natively into mobile business applications. RSA mobile authentication solutions are designed to provide little to no impact on the mobile user experience while still maintaining strong authentication by using risk indicators powered by the RSA' Risk Engine. These indicators include factors such as device identification, geo-location, behavioral profiling, and real-time fraud data from the RSA eFraudNetworkTM community. RSA mobile authentication solutions also ensure strong step-up authentication to one-time-password or other methods is possible, but only applied when necessary.

RSA mobile authentication technology is at the core of a developing mobile security partner ecosystem, providing tools to be embedded into mobile applications to help protect both login and post-login user activities by measuring risk indicators to identify high-risk and suspicious activities. Popular use cases include protecting mobile access to online banking, e-commerce, virtual desktops, VPNs, and enterprise mobile applications. RSA mobile authentication SDKs have been designed to be embedded directly into partner products to offer easy developer access and implementation.

RSA is working with the following Secured by RSA Certified Mobile partners to provide native integration of RSA mobile authentication technology into enterprise applications and networks:

Citrix has embedded RSA mobile authentication technologies into Citrix Receiver™, an easy-to-install client software that, together with Citrix XenDesktop' and Citrix XenApp™, is designed to enable mobile users simplified access to their enterprise desktops, apps, and data from any smartphone, tablet or laptop. When connected to Citrix CloudGateway™, the industry's first unified storefront solution, Citrix Receiver, with RSA mobile authentication, is designed to provide secure access to an intuitive app store-like interface for any Windows, Web or SaaS app from any mobile device.

Juniper Networks and RSA have agreed to embed RSA mobile authentication technologies into the Juniper Networks' Junos' Pulse VPN solution for secure, mobile remote access to corporate resources; RSA and Juniper Networks have also agreed to collaborate further to allow Junos Pulse to authenticate native mobile application access. The combined Junos Pulse and RSA solution will present a unified access point for both VPN and mobile applications, designed to remove the burden for the end user or application to manage connectivity or authentication.

VMware and RSA have enhanced the existing integration of RSA authentication technologies in the newest version of VMware View ™ virtual desktop solutions for mobile devices.

The following mobile technology partners are working to integrate RSA mobile authentication technology into their application development platforms:

Appcelerator and RSA have agreed to collaborate on integrating RSA mobile authentication technology into their Titanium mobile application platform. Titanium is designed for developers to easily integrate RSA mobile authentication technology into their mobile apps and also leverage it as part of Appcelerator’s recently acquired mobile application cloud platform. FeedHenry and RSA have agreed to collaborate on exposing RSA mobile authentication technology from their mobile application Platform-as-a-Service (PaaS) solution. The FeedHenry platform exposes common mobile application components to software developers and is being designed to enable easy integration of the RSA mobile authentication technology into new mobile applications. Good Technology and RSA have agreed to work together on integrating RSA mobile authentication technology into the Good Dynamics developer framework, the Good for Enterprise and Good for Government suites of business applications. Good Dynamics allows enterprise mobile applications to be created, secured and managed leveraging the Good for Enterprise or Good for Government solutions. ZScaler and RSA have agreed to collaborate on an “identity-aware” solution where mobile device users are first authenticated at the ZScaler Secure Web Gateway using RSA mobile authentication technology. The combined solution will be designed to allow minimal changes to be made on the device while enforcing security policy at the network layer. (see related news release “RSA and Zscaler Collaborating to Deliver Trusted Access for Cloud Computing”)

RSA Executive Quotes:

Dan Schiappa, RSA Senior Vice President & Group General Manager, Identity and Data Protection

“The industry is rapidly crossing over into new and more powerful mobile applications for business and e-commerce and by building in the right protections, security can be an enabler of these exciting new innovations. These next-generation enterprise mobile applications require a new, smarter approach to authentication, tying-in dynamic risk-based monitoring and threat intelligence while also enabling a simple, unfettered mobile user experience. We’ve brought together the best of RSA SecurID and RSA Adaptive Authentication to create a mobile-optimized security platform that developers can seamlessly embed into their mobile applications.”

Partner Quotes:

Jo Ann Buckner, VP of Product Management, Appcelerator, Inc.

“Our partnership and technical integration with RSA’s secure mobility solutions are a huge win for customers using the Titanium Platform to transform their business processes and customer relationships. Strong authentication and a great user experience are key to seizing the mobile opportunity.”

John Fanelli, Vice President of Product Marketing, Enterprise Desktops and Applications at Citrix

“Smartphones and tablets provide users with the best possible experience for portability and ease of use and can push application and security landscapes to their limits. Citrix provides leading products like Citrix XenDesktop and Citrix CloudGateway that enable mobile workstyles, and integrating RSA strong mobile authentication into Citrix Receiver gives customers the flexibility to adapt their security practices into this emerging mobile environment.”

Cathal McGloin, CEO, FeedHenry

“While tackling a myriad of devices and managing increasingly complex mobile applications, corporate CIOs are seeking additional layers of security and user authentication and control. The integration of RSA’s authentication technologies in the FeedHenry solution will help protect organization’s mobile app initiatives by measuring risk indicators that identify high-risk and suspicious activities. This is extremely relevant to many industries we work with such as healthcare, finance, government and retail.”

Nicko van Someren, Chief Technology Officer at Good Technology

“The information threat landscape is becoming increasingly sophisticated while the demand for ubiquitous access to corporate networks and information continues to grow. These changes are making enterprise mobility a daunting thought for many CIOs. By integrating RSA’s proven technology into our authentication framework, we will help make it simple for Good’s security-conscious customers to enhance employee productivity while having the peace of mind that their data is secure.”

Sanjay Beri, Vice President and General Manager at Juniper Networks

“To be as productive as possible, fast, secure connectivity and access is a must for today’s mobile workforce. Through the integration of Junos Pulse and RSA, customers will have a unified point for access to both secure VPN and applications from their mobile devices removing the burden for the end user or mobile applications to manage connectivity or authentication— ultimately making it seamless for the user to connect.”

Brian Byun, Vice President and General Manger, End-User Computing, Mobile at VMware

“Virtualized mobile environments require a different approach to security from the traditional enterprise. Through our collaboration with RSA, we’re working to deliver mobile solutions that will help provide end users the freedom to choose their own devices while enabling IT to securely isolate enterprise data and applications from the user’s environment.”

Jay Chaudhry, President and CEO at Zscaler “Trust is no longer about simply identifying the user. With more devices accessing more applications and data from more locations, trust must be established and enforced dynamically. Through our technology partnership with RSA, Zscaler will enhance security for our customers and the cloud services they depend upon, by continually and dynamically establishing trust.”

Additional Resources:

Visit the Secured by RSA Certified Mobile Partner Program web page Learn more about Trusted IT from EMC Connect with RSA via Twitter, Facebook, YouTube, LinkedIn and the RSA Speaking of Security Blog and Podcast.

About RSA RSA, The Security Division of EMC, is the premier provider of security, risk and compliance management solutions for business acceleration. RSA helps the world's leading organizations succeed by solving their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance, and securing virtual and cloud environments.

Combining business-critical controls in identity assurance, encryption & key management, SIEM, Data Loss Prevention and Fraud Protection with industry leading eGRC capabilities and robust consulting services, RSA brings visibility and trust to millions of user identities, the transactions that they perform and the data that is generated. For more information, please visit www.EMC.com/RSA.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-29445
PUBLISHED: 2021-04-16
jose-node-esm-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed `JWEDe...
CVE-2021-29446
PUBLISHED: 2021-04-16
jose-node-cjs-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed `JWEDe...
CVE-2021-29451
PUBLISHED: 2021-04-16
Portofino is an open source web development framework. Portofino before version 5.2.1 did not properly verify the signature of JSON Web Tokens. This allows forging a valid JWT. The issue will be patched in the upcoming 5.2.1 release.
CVE-2021-29452
PUBLISHED: 2021-04-16
a12n-server is an npm package which aims to provide a simple authentication system. A new HAL-Form was added to allow editing users in version 0.18.0. This feature should only have been accessible to admins. Unfortunately, privileges were incorrectly checked allowing any logged in user to make this ...
CVE-2021-29444
PUBLISHED: 2021-04-16
jose-browser-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed `JWEDec...