Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

7/27/2009
03:34 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

RSA Announces New RSA SecurID Software Token For iPhone

Free solution, available from the App Store, enables an iPhone to be used as an RSA SecurID authenticator

BEDFORD, Mass., July 22 /PRNewswire/ -- RSA, The Security Division of EMC (NYSE: EMC) announced the availability of the RSA SecurID(R) Software Token for iPhone Devices that enables an iPhone to be used as an RSA SecurID authenticator, providing convenient and cost-effective two-factor authentication to enterprise applications and resources. The RSA SecurID Software Token App is now available on the App Store at no charge. The required RSA SecurID software token seed as well as RSA(R) Authentication Manager -- the software that powers the RSA SecurID system -- are both available for purchase worldwide.

"We are rolling out the RSA token to those using iPhones at our company and the feedback has been very positive. Our associates always have their iPhones right by their side and prefer not to carry a hardware token," said Rajeev Ravindran, Vice President and Chief Technology Officer, JM Family Enterprises, Inc. "We have been users of software tokens from RSA on other smartphones for years, so the move to support the iPhone was an easy decision. The new token is simple to deploy and easy to use."

The new RSA SecurID Software Token for iPhone is engineered to generate a one-time password that changes every 60 seconds, enabling secure access to enterprise applications and resources. The solution complements the existing range of authentication methods offered by RSA, giving customers a choice in the way they assure identities to a system, resource or information based on risk, cost and convenience. Through a simple download from the App Store, the software token application can be installed easily on the user's iPhone. With one tap the user can enable the App with a unique software token seed provided by their IT organization, creating a convenient, secure and cost-effective authenticator.

"iPhones are increasingly penetrating the enterprise and are being used as standard business tools. This aligns with consumerization of IT where companies need to accommodate for these newer devices while maintaining the security of their existing systems," said Scott Crawford, Managing Research Director, Security and Risk Management, Enterprise Management Associates. "This becomes an opportunity to leverage the iPhone for strong authentication while generating a cost-effective asset."

The use of RSA SecurID software tokens can help decrease total cost of ownership for organizations as they do not require any physical shipping, can be revoked and automatically redeployed if an iPhone is lost, eliminating the need for replacement tokens. Additionally, having the software authenticator on a business critical device like the iPhone reduces the number of lost or forgotten tokens, decreasing the number of costly technical support calls.

"We are further demonstrating our commitment to innovation and choice in authentication methods with the availability of the RSA SecurID software token for the iPhone for use within the enterprise," said Tom Corn, Vice President of Product Marketing at RSA. "Since there is no 'one size fits all' security solution, RSA offers a full range of methods to authenticate and store credentials that balance cost, end-user convenience and security."

Availability

The RSA SecurID Software Token App is available at no charge from the App Store on iPhone and iPod touch or at www.itunes.com/appstore/. The required RSA SecurID software token seed is available for purchase worldwide from RSA and its network of RSA SecurWorld channel partners. The RSA SecurID Software Token for iPhone Devices is designed for enterprise users whose organizations have the RSA SecurID system implemented including its primary software component, RSA Authentication Manager.

About RSA SecurID

With a 25-year legacy of innovation, RSA SecurID(R) is the market-leading two-factor authentication system used by more than 40 million people across more than 30,000 organizations worldwide. RSA SecurID technology is comprised of a broad range of hardware and software authenticators designed to help prevent unauthorized access to corporate applications and resources. RSA SecurID tokens provide end users with a one-time password designed to change every 60 seconds, as well as its software engine -- RSA(R) Authentication Manager -- which scales to support millions of users and integrates with more than 350 products. RSA SecurID authenticators include hardware tokens, a hybrid authenticator with smart chip; an On-Demand SMS token, software tokens for smart phones including the iPhone and BlackBerry(R) handhelds, software tokens for Microsoft(R) Windows (R) and Mac(R) OS X desktops; and an Internet browser toolbar token.

About RSA

RSA, The Security Division of EMC, is the premier provider of security solutions for business acceleration, helping the world's leading organizations succeed by solving their most complex and sensitive security challenges. RSA's information-centric approach to security guards the integrity and confidentiality of information throughout its lifecycle -- no matter where it moves, who accesses it or how it is used.

RSA offers industry-leading solutions in identity assurance & access control, data loss prevention, encryption & key management, compliance & security information management and fraud protection. These solutions bring trust to millions of user identities, the transactions that they perform, and the data that is generated. For more information, please visit www.RSA.com and www.EMC.com.

RSA and SecurID are either registered trademarks or trademarks of RSA Security, Inc. in the U.S. and/or other countries. EMC is a registered trademark of EMC Corporation. BlackBerry and RIM families of related marks, images and symbols are the exclusive properties and trademarks of Research In Motion Limited. Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. All other trade names and trademarks are the property of their respective holders.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/3/2020
'BootHole' Vulnerability Exposes Secure Boot Devices to Attack
Kelly Sheridan, Staff Editor, Dark Reading,  7/29/2020
Average Cost of a Data Breach: $3.86 Million
Jai Vijayan, Contributing Writer,  7/29/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-18112
PUBLISHED: 2020-08-05
Affected versions of Atlassian Fisheye allow remote attackers to view the HTTP password of a repository via an Information Disclosure vulnerability in the logging feature. The affected versions are before version 4.8.3.
CVE-2020-15109
PUBLISHED: 2020-08-04
In solidus before versions 2.8.6, 2.9.6, and 2.10.2, there is an bility to change order address without triggering address validations. This vulnerability allows a malicious customer to craft request data with parameters that allow changing the address of the current order without changing the shipm...
CVE-2020-16847
PUBLISHED: 2020-08-04
Extreme Analytics in Extreme Management Center before 8.5.0.169 allows unauthenticated reflected XSS via a parameter in a GET request, aka CFD-4887.
CVE-2020-15135
PUBLISHED: 2020-08-04
save-server (npm package) before version 1.05 is affected by a CSRF vulnerability, as there is no CSRF mitigation (Tokens etc.). The fix introduced in version version 1.05 unintentionally breaks uploading so version v1.0.7 is the fixed version. This is patched by implementing Double submit. The CSRF...
CVE-2020-13522
PUBLISHED: 2020-08-04
An exploitable arbitrary file delete vulnerability exists in SoftPerfect RAM Disk 4.1 spvve.sys driver. A specially crafted I/O request packet (IRP) can allow an unprivileged user to delete any file on the filesystem. An attacker can send a malicious IRP to trigger this vulnerability.