Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

7/27/2009
03:34 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

RSA Announces New RSA SecurID Software Token For iPhone

Free solution, available from the App Store, enables an iPhone to be used as an RSA SecurID authenticator

BEDFORD, Mass., July 22 /PRNewswire/ -- RSA, The Security Division of EMC (NYSE: EMC) announced the availability of the RSA SecurID(R) Software Token for iPhone Devices that enables an iPhone to be used as an RSA SecurID authenticator, providing convenient and cost-effective two-factor authentication to enterprise applications and resources. The RSA SecurID Software Token App is now available on the App Store at no charge. The required RSA SecurID software token seed as well as RSA(R) Authentication Manager -- the software that powers the RSA SecurID system -- are both available for purchase worldwide.

"We are rolling out the RSA token to those using iPhones at our company and the feedback has been very positive. Our associates always have their iPhones right by their side and prefer not to carry a hardware token," said Rajeev Ravindran, Vice President and Chief Technology Officer, JM Family Enterprises, Inc. "We have been users of software tokens from RSA on other smartphones for years, so the move to support the iPhone was an easy decision. The new token is simple to deploy and easy to use."

The new RSA SecurID Software Token for iPhone is engineered to generate a one-time password that changes every 60 seconds, enabling secure access to enterprise applications and resources. The solution complements the existing range of authentication methods offered by RSA, giving customers a choice in the way they assure identities to a system, resource or information based on risk, cost and convenience. Through a simple download from the App Store, the software token application can be installed easily on the user's iPhone. With one tap the user can enable the App with a unique software token seed provided by their IT organization, creating a convenient, secure and cost-effective authenticator.

"iPhones are increasingly penetrating the enterprise and are being used as standard business tools. This aligns with consumerization of IT where companies need to accommodate for these newer devices while maintaining the security of their existing systems," said Scott Crawford, Managing Research Director, Security and Risk Management, Enterprise Management Associates. "This becomes an opportunity to leverage the iPhone for strong authentication while generating a cost-effective asset."

The use of RSA SecurID software tokens can help decrease total cost of ownership for organizations as they do not require any physical shipping, can be revoked and automatically redeployed if an iPhone is lost, eliminating the need for replacement tokens. Additionally, having the software authenticator on a business critical device like the iPhone reduces the number of lost or forgotten tokens, decreasing the number of costly technical support calls.

"We are further demonstrating our commitment to innovation and choice in authentication methods with the availability of the RSA SecurID software token for the iPhone for use within the enterprise," said Tom Corn, Vice President of Product Marketing at RSA. "Since there is no 'one size fits all' security solution, RSA offers a full range of methods to authenticate and store credentials that balance cost, end-user convenience and security."

Availability

The RSA SecurID Software Token App is available at no charge from the App Store on iPhone and iPod touch or at www.itunes.com/appstore/. The required RSA SecurID software token seed is available for purchase worldwide from RSA and its network of RSA SecurWorld channel partners. The RSA SecurID Software Token for iPhone Devices is designed for enterprise users whose organizations have the RSA SecurID system implemented including its primary software component, RSA Authentication Manager.

About RSA SecurID

With a 25-year legacy of innovation, RSA SecurID(R) is the market-leading two-factor authentication system used by more than 40 million people across more than 30,000 organizations worldwide. RSA SecurID technology is comprised of a broad range of hardware and software authenticators designed to help prevent unauthorized access to corporate applications and resources. RSA SecurID tokens provide end users with a one-time password designed to change every 60 seconds, as well as its software engine -- RSA(R) Authentication Manager -- which scales to support millions of users and integrates with more than 350 products. RSA SecurID authenticators include hardware tokens, a hybrid authenticator with smart chip; an On-Demand SMS token, software tokens for smart phones including the iPhone and BlackBerry(R) handhelds, software tokens for Microsoft(R) Windows (R) and Mac(R) OS X desktops; and an Internet browser toolbar token.

About RSA

RSA, The Security Division of EMC, is the premier provider of security solutions for business acceleration, helping the world's leading organizations succeed by solving their most complex and sensitive security challenges. RSA's information-centric approach to security guards the integrity and confidentiality of information throughout its lifecycle -- no matter where it moves, who accesses it or how it is used.

RSA offers industry-leading solutions in identity assurance & access control, data loss prevention, encryption & key management, compliance & security information management and fraud protection. These solutions bring trust to millions of user identities, the transactions that they perform, and the data that is generated. For more information, please visit www.RSA.com and www.EMC.com.

RSA and SecurID are either registered trademarks or trademarks of RSA Security, Inc. in the U.S. and/or other countries. EMC is a registered trademark of EMC Corporation. BlackBerry and RIM families of related marks, images and symbols are the exclusive properties and trademarks of Research In Motion Limited. Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. All other trade names and trademarks are the property of their respective holders.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
DevSecOps: The Answer to the Cloud Security Skills Gap
Lamont Orange, Chief Information Security Officer at Netskope,  11/15/2019
Attackers' Costs Increasing as Businesses Focus on Security
Robert Lemos, Contributing Writer,  11/15/2019
Human Nature vs. AI: A False Dichotomy?
John McClurg, Sr. VP & CISO, BlackBerry,  11/18/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: -when I told you that our cyber-defense was from another age
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2011-3350
PUBLISHED: 2019-11-19
masqmail 0.2.21 through 0.2.30 improperly calls seteuid() in src/log.c and src/masqmail.c that results in improper privilege dropping.
CVE-2011-3352
PUBLISHED: 2019-11-19
Zikula 1.3.0 build #3168 and probably prior has XSS flaw due to improper sanitization of the 'themename' parameter by setting default, modifying and deleting themes. A remote attacker with Zikula administrator privilege could use this flaw to execute arbitrary HTML or web script code in the context ...
CVE-2011-3349
PUBLISHED: 2019-11-19
lightdm before 0.9.6 writes in .dmrc and Xauthority files using root permissions while the files are in user controlled folders. A local user can overwrite root-owned files via a symlink, which can allow possible privilege escalation.
CVE-2019-10080
PUBLISHED: 2019-11-19
The XMLFileLookupService in NiFi versions 1.3.0 to 1.9.2 allowed trusted users to inadvertently configure a potentially malicious XML file. The XML file has the ability to make external calls to services (via XXE) and reveal information such as the versions of Java, Jersey, and Apache that the NiFI ...
CVE-2019-10083
PUBLISHED: 2019-11-19
When updating a Process Group via the API in NiFi versions 1.3.0 to 1.9.2, the response to the request includes all of its contents (at the top most level, not recursively). The response included details about processors and controller services which the user may not have had read access to.