Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

12/13/2010
03:10 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

RSA Rolls Out Security For Android

RSA SecurID Software Token for Android is engineered to generate a one-time password that changes every 60 seconds

BEDFORD, Mass., Dec. 13, 2010 /PRNewswire/ -- RSA, The Security Division of EMC (NYSE: EMC) announced the availability of the RSA SecurID Software Token for Android(TM) that is engineered to enable an Android powered device to be used as an RSA SecurID authenticator, providing convenient and cost-effective two-factor authentication to enterprise applications and resources.

Additionally, RSA is releasing a new Software Development Kit (SDK) for the Android platform that is designed to allow developers to embed RSA SecurID two-factor authentication directly into Android applications and gain competitive advantage by offering this additional layer of security. Mobile applications that directly integrate RSA SecurID technology provide organizations with the assurance that their resources are engineered to be protected from unauthorized access without any usability impact to the end user. The SDK is available free of charge for all RSA Secured partners.

"Being able to offer the RSA SecurID tokens to our users on many of the most popular mobile platforms such as Android is a convenient and cost-effective way to deploy strong authentication in our enterprise," Tim Prendergast, Network Architect at Ingenuity Systems, Inc. "Deployment on smart phone platforms is done electronically so it's simple and fast for our IT organization to provision, eliminating any lag time if an end-user needs to get a new token. Our employees love it because the tokens are easily accessed on the mobile devices they already own and carry."

The new RSA SecurID Software Token for Android is engineered to generate a one-time password that changes every 60 seconds, enabling secure access to corporate resources. The solution complements the broad range of authentication methods offered by RSA, giving customers a choice in authentication methods based on risk, cost and convenience.

The RSA SecurID Software Token for Android is designed for enterprise users whose organizations have implemented the RSA SecurID system. The token can be installed directly onto Android enabled devices at no cost via a simple download from Android Market(TM). With minimal help from their IT department, users can enable the application with a unique software token seed, creating a convenient, secure and cost-effective RSA SecurID authenticator.

"The smart phone is revolutionizing the way consumers and commercial organizations are doing business," noted Mark Diodati, Research Director at Gartner. "The smart phone will become the default strong authenticator for users in the near-term; it means one less device that the user must carry. It's important that strong authentication methods like one-time password devices are supported on smart phones, and that developers have an easy way to embed this high-quality authentication method into mobile applications."

The use of RSA SecurID software tokens helps decrease total cost of ownership for organizations as they don't require any physical shipping, can be revoked and automatically redeployed if an employee leaves the company with their Android enabled device eliminating the need for replacement tokens. Additionally, having the software authenticator on business-critical smart phones reduces the number of costly technical support calls for misplaced tokens.

"It's no secret that mobile computing has exploded recently and we do not expect that trend to slow down at all. This enormous growth and proliferation gives us a strong opportunity to leverage these devices as authenticators and enable new forms of authentication to our customers to establish identity," said Tom Corn, Chief Strategy Officer, RSA, The Security Division of EMC. "Leveraging mobile devices running on the Android platform to deploy RSA SecurID technology allows customers a seamless delivery of two-factor authentication across cloud or on-premise applications."

The RSA SecurID software token for the Android mobile platform will be available for free download Dec. 22, 2010 from Android Market. It is enabled for users with a unique software token seed purchased by IT organizations that have deployed RSA Authentication Manager.

About RSA SecurID

With a legacy of innovation spanning more than 25 years, RSA SecurID technology is one of the market-leading two-factor authentication systems used by more than 40 million people across more than 30,000 organizations worldwide. RSA SecurID technology is comprised of a broad range of hardware and software authenticators designed to help prevent unauthorized access to corporate applications and resources. RSA SecurID tokens are engineered to provide end users with a one-time password designed to change every 60 seconds, as well as its software engine - RSA Authentication Manager - which scales to support millions of users and integrates with more than 350 products. RSA SecurID authenticators include hardware tokens, hybrid authenticator with smart chip; On-Demand SMS token, software tokens for smart phones including BlackBerry handhelds, Apple iPhone , Java ME and devices powered by the Google Android(TM) mobile platform, software tokens for Microsoft Windows and Mac OS X desktops and an Internet browser toolbar token.

About RSA

RSA, The Security Division of EMC, is the premier provider of security, risk and compliance management solutions for business acceleration. RSA helps the world's leading organizations succeed by solving their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance, and securing virtual and cloud environments.

Combining business-critical controls in identity assurance, encryption & key management, SIEM, Data Loss Prevention and Fraud Protection with industry leading eGRC capabilities and robust consulting services, RSA brings visibility and trust to millions of user identities, the transactions that they perform and the data that is generated. For more information, please visit www.RSA.com and www.EMC.com.

RSA, SecurID and RSA Authentication Manager are either registered trademarks or trademarks of EMC Corporation in the United States and/or other countries. Android and Android Market are trademarks of Google Inc. Use of this trademark is subject to Google Permissions. All other products and/or services referenced are trademarks of their respective companies.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
US Capitol Attack a Wake-up Call for the Integration of Physical & IT Security
Seth Rosenblatt, Contributing Writer,  1/11/2021
More SolarWinds Attack Details Emerge
Kelly Jackson Higgins, Executive Editor at Dark Reading,  1/12/2021
Vulnerability Management Has a Data Problem
Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber,  1/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7343
PUBLISHED: 2021-01-18
Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The product would continue to function with out-of-date detection files.
CVE-2020-28476
PUBLISHED: 2021-01-18
All versions of package tornado are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configura...
CVE-2020-28473
PUBLISHED: 2021-01-18
The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with defa...
CVE-2021-25173
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service (crash, exit, or restart).
CVE-2021-25174
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potentially enabling denial of service (Crash, Exit, or Restart).