March 2, 2016 -
RSA announced it has added new identity assurance and identity governance capabilities including EyeVerify’s Eyeprint ID, to the RSA Via identification and access management solution.
The new capabilities are designed to help organizations effectively improve security and user convenience as they assure identities as well as better manage privileged access.
RSA’s new authentication choices in RSA Via Access help choose the right level of assurance based on what the user is accessing.
New RSA Via lifecycle and governance capabilities are designed to increase visibility into access of privileged systems to protect customers against targeted attacks, provide more effective choices for identity assurance and better manage risk.
RSA Via Access is designed to automatically align authentication methods to an access request’s risk level by allowing administrators to prescribe identity assurance requirements and flexible step-up authentication policies based on security requirements.
For instance, gaining access to an organization’s most essential assets might require biometric authentication methods, while less important assets require a less strong level of assurance.
RSA Via Access is designed to allow security admins to choose which assurance level is needed for various access scenarios based on contextual attributes like location and device used, to help ensure security is not compromised.
Organizations can now offer an even greater range of authentication methods based on the sensitivity of the application, enabling users to seamlessly verify their identity instead of a “one size fits all” method.
In addition to TouchID fingerprint verification and tap or shake authentication, RSA Via Access now offers EyeVerify’s eye vein biometric authentication solution.
Eyeprint ID uses the unique pattern of eye veins and other micro features to authenticate a user by confirming a known biometric print with a trusted device.
The RSA Via Access server is also now FIDO Certified, and can support devices that adhere to the FIDO U2F standard, providing organizations and users with additional authentication methods and convenience.
RSA Via Lifecycle and Governance is now designed to be interoperable with the CyberArk Privileged Account Security Solution, providing greater visibility into and governance over privileged access.
Additionally, RSA Via Lifecycle and Governance is designed to support provisioning to privileged accounts managing the varying privileges of an employee as they join, leave, or change roles within an organization.
“RSA Via technology’s new capabilities align the various levels of risk associated with what a user is trying to access with the appropriate levels of assurance,” said Jim Ducharme, RSA’s VP of engineering and product management. “This allows organizations to offer more innovative authentication options and help ensure there isn’t a tradeoff between security and user convenience.”