|
A NEW STRATEGIC PARTNERSHIP
between Microsoft Corp. and RSA Security promises to bring
together the power of the Microsoft name — and the ubiquity of
the Windows® operating system — with RSA Security’s proven
abilities in identity and access management.
The partnership, announced at the RSA®
Conference this past February, will result in new security
solutions that bring RSA Security’s well-established products
to Microsoft’s massive customer base, while augmenting
Microsoft’s focus on security at a time when protection is
paramount to the software giant’s customers.
“It’s a classic partnership,” says Joyce
Holupka, Director of Corporate Development at RSA Security.
“We have an excellent broad relationship with Microsoft, with
many strategic, high-level contacts.” In fact, Microsoft
Chairman Bill Gates recently served as the keynote speaker at
the RSA Conference, during which he unveiled several strategic
security initiatives.
One such initiative is the RSA SecurID®
for Microsoft® Windows® solution. The RSA SecurID
authentication solution, which uses a combination of a PIN and
a
frequently-changing code (displayed on an RSA SecurID
token) to verify a user’s identity, has long played a role in
ensuring secure remote access to company networks. RSA SecurID
for Microsoft Windows authentication brings that same
strong security to a Microsoft Windows desktop environment.
For more about the RSA SecurID for Microsoft Windows solution,
please click
here.
 |
“RSA
Security is a leader in
the security space,
and as
such it has the potential
for
reaching a large base of
customers and
helping
them stay secure.”
— Michael
Atalla,
Microsoft. | | |
The relationship between Microsoft and RSA
Security holds promise for both sides. For Microsoft, it’s an
opportunity to strengthen a reputation for secure desktop
solutions. “From our perspective, [the product] is a strong
alternative to password-based authentication systems, and a
highly effective multi-factor authentication system for
Windows-based users,” says Michael Atalla, Group Manager of
Business Development for Microsoft’s Security Business and
Technology Unit. “RSA Security is a leader in the security
space and as such they have the potential for reaching a large
base of customers and helping them stay secure.”
For RSA Security, the strategic partnership
provides an undeniable boost, especially considering that
there are an estimated 285 million Windows users worldwide.
“Driving interoperability between Microsoft platforms and RSA
Security products will help drive sales and provide enhanced
security opportunities,” Holupka says.
As the relationship moves forward, both
sides agree that its potential is considerable. “Microsoft is
focused at a higher level, on creating partnerships and
collaborating with the leaders in the security segment to help
our customers improve the security of their networks,” says
Atalla. “RSA Security is an established security leader. As
such, the partnership is important because RSA Security
technology solutions help address our customers’ interests in
finding authentication systems that integrate well with
Microsoft Windows.”
RSA Security is a member of Microsoft’s gold
certified partner program, which recognizes companies that
have expertise in areas that correspond to Microsoft
technologies. In addition, RSA Security and Microsoft are
working together on future initiatives in the identity and
access management space.
To learn more about secure enterprise
access, please see Psst!
Who’s Got the Password.
THE BIGGEST CONCERNS for companies pondering
federated identity management today are: How fast can
federation — the seamless sharing of user identities across
Internet domains — be done? Is it too early to adopt — what if
standards change when we’re halfway through? And how secure is
it?
To address those worries, RSA Security has
developed a new stand-alone product: RSA® Federated Identity
Manager solution, to be available in Q3 2004.
RSA Federated Identity Manager solution is a
scalable solution with a management interface and the ability
to plug in modules that can receive identities from any
industry standard compliant identity management system. The
solution builds on the widely accepted SAML (security
assertion mark-up language) framework — but includes
heightened security features and an ability to scale and
interoperate with other standards, including Liberty Alliance
and WS-Federation. Analysts say federation enables companies
to easily and securely create new and unique business
synergies by partnering with other web applications in ways
that used to be logistically impossible. Federated identity
management also helps companies glean substantial efficiencies
and ROI by cutting out middleman directory managers, making it
easier for users to navigate across domains and dramatically
reducing helpdesk calls for lost or forgotten passwords.
The RSA Federated Identity Manager
solution:
ENABLES
IT and business synergies through federated
identity, seamlessly sharing identities for efficiencies and
new business opportunities.
CREATES or consumes SAML-based
assertions, allowing your business to federate using an
industry standard.
LEVERAGES powerful management
tools that ease deployment and secure communications.
To be sure, sharing user identities between
web applications and partners as federation does opens up
security risks. But RSA Federated Identity Manager solution
uses concepts such as authentication mapping, subject mapping
and multiarchitecture support to provide iron clad
security.
 |
|
|
|
|
|
|
|
When RSA Security and
Microsoft Corporation decided to form a strategic
partnership, the result was something that
combined the world’s most prevalent operating
system with RSA Security’s proven authentication
technology: the RSA SecurID® for Microsoft®
Windows® solution. The solution — which is
designed primarily to secure desktop access inside
the firewall as well as outside of it — will
address some common dilemmas faced by companies
presently mired in single-factor password
authentication methods.
PROBLEMS
PASSWORD OVERLOAD
Most users today have to remember a variety of
different passwords to access company information
depending on where they are (online, offline, or
remote).
OVERWORKED
HELPDESKS
The more passwords a
user has, the more likely he is to need help
remembering or resetting them. The result:
helpdesks can get quickly overwhelmed with
password management duties.
INSECURE AUTHENTICATION METHODS
Users burdened with too many
passwords are more likely to try to circumvent
authentication methods, which puts company assets
at risk.
INABILITY
TO AUDIT
New regulations like
HIPAA, Sarbanes-Oxley and the Data Protection
Directives of the European Union and Japan mean
that companies are more responsible than ever for
documenting users’ activities. Single-factor
authentication methods make that
difficult.
SOLUTION
By teaming up with Microsoft
Corp., RSA Security builds on the technology it
has already perfected for remote user access and
brings it inside the enterprise, allowing
enterprises to protect desktop access. Users will
bid goodbye to static passwords and will instead
sign on to the Windows desktop with a PIN and a
unique code generated by an RSA SecurID token
every 60 seconds. This two-factor approach —
requiring the user to present something he knows
as well as something he has — means the enterprise
can help ensure a user has the proper credentials
before granting access to sensitive desktop
applications.
BENEFITS
EASE OF USE
Users will employ the same RSA SecurID
authentication method whether they’re online,
offline or accessing company networks remotely.
That means fewer headaches and a more consistent
user experience.
REGULATORY
COMPLIANCE
Because the solution
captures login attempts wherever they occur,
enterprises can better track users’ activities and
help meet some legislative
requirements.
ENHANCED SECURITY
RSA
Security has long been a
leader in the field of two-factor authentication
for remote users; now the company brings that
expertise inside enterprise walls. RSA Security
expects the product to be commercially available
in the third quarter of 2004. For more
information, please visit http://www.rsasecurity.com/go/windows. | | | 
