Authentication Platform provides enterprise-wide solution.

Press Release Summary:



Authentication roadmap provides standards-based, enterprise-wide platform for creating, storing, managing, proving, and leveraging credentials. Platform offers features for creating, vetting, provisioning and binding credential to user, device or application, while also enabling self-service capabilities. Dedicated, multi-function hardware- and software-based credential storage devices are available with range of security and mobility characteristics.



Original Press Release:



RSA Security Announces Roadmap for Strong Authentication



Framework Outlines Standards-Based Platform for Creating, Storing, Managing, Proving and Leveraging Credentials

RSA(R) CONFERENCE 2005/SAN FRANCISCO, Feb. 15 -- RSA Security Inc. (NASDAQ:RSAS) today announced the company's roadmap for strong authentication, designed to provide flexibility and choice as organizations strive to leverage identity as a business asset. Driven by customers' need for simplicity, security and the ability to manage compliance mandates, RSA Security's roadmap recognizes that authentication is moving from a point product to an enterprise-wide solution, and from password-centric to strong authentication implementations. As businesses work to achieve more holistic enterprise security through a comprehensive identity and access management (IAM) strategy, RSA Security's authentication roadmap provides a standards-based, enterprise-wide platform for creating, storing, managing, proving and leveraging credentials. This robust platform also will serve as the central hub for mission-critical enterprise-wide authentication deployments, as companies leverage a wide variety of credentials, authentication methods and form factors.

RSA Security believes strong authentication is the cornerstone of a comprehensive enterprise IAM solution, and that two-factor authentication will see increasing interest from large enterprises aiming for stronger security inside the firewall, and from small and midsize business (SMB) and consumer markets seeking to better protect identities. As these factors drive broader authentication adoption, the RSA Security roadmap also delivers on the authentication portion of NEXUS, the company's strategy for providing a simple, modular infrastructure for a comprehensive IAM solution.

"The IT security industry is at a turning point, as strong authentication becomes mainstream with a broader range of companies, along with consumers, expecting the same levels of security that enterprises have leveraged for years," said Art Coviello, RSA Security's president and chief executive officer. "As strong authentication becomes pervasive, organizations need a robust and open platform that allows for easy, cost-effective integration of one-time passwords with back-end technology. The RSA Security roadmap addresses these needs, and empowers customers with the ability to choose credentials, authentication methods and form factors that meet their long-term security needs."

Framework for the RSA Security Authentication Roadmap

The RSA Security authentication roadmap is based on the premise that organizations need a flexible, cost-effective platform to prove and leverage identities across a variety of networks and applications. Credentials are at the core of any authentication solution, and customers gain the greatest value from these systems when credentials are managed throughout their lifecycle. To that end, the roadmap recognizes the importance of offering customers choice in credentials, authentication methods and form factors. RSA Security's authentication roadmap addresses the following issues related to credential lifecycle management:

o Create: Creating, vetting, provisioning and binding a credential to a user, device or application, and enabling self-service capabilities

o Store: Delivering an array of dedicated and multi-function hardware- and software-based credential storage devices, with a range of security and mobility characteristics

o Manage: Addressing the complete credential management lifecycle, and providing both security administrators and end users the ability to easily update, renew and revoke credentials

o Prove: Offering real-time credential authentication and validation

o Leverage: Leveraging the credential across a multitude of applications, resources and domains

To deliver on this authentication vision, RSA Security will:

o Provide flexibility in the choice of credentials and authentication methods

o Offer a broad range of form factors for storing and protecting credentials

o Provide streamlined, cost-effective identity life-cycle management

o Deliver mission-critical scalability and reliability for credential validation

o Enable trusted identities to be leveraged across the widest range of resources and applications

In addition, RSA Security will continue to champion a broad range of industry standards, which provide the greatest value to customers worldwide and build on the company's established role as a champion of industry-wide standards, a history that includes open initiatives such as Public Key Cryptography Standards (PKCS), Security Assertion Markup Language (SAML) and Lightweight Directory Access Protocol (LDAP).

One-Time Password Specifications: Delivering on the Authentication Roadmap

RSA Security's authentication roadmap is immediately furthered with the announcement today of one-time password (OTP) specifications, which bolster companies' ability to create, store, manage, prove and leverage credentials. The proposed OTP standards -- available for public review and comment -- will position technology solutions vendors to more effectively integrate support for a wide range of OTP methods. The specifications also ensure that credentials are created in a manner that enables businesses to reduce deployment costs and provide access to multiple sites with a single credential or token, and that identities can be effectively leveraged across organizations.

The specifications will be submitted as appropriate to established standards bodies, such as the Internet Engineering Task Force (IETF) and the Organization for the Advancement of Structured Information Standards (OASIS). Technology leaders such as Adobe Systems, Check Point Software Technologies, Funk Software, iPass, Juniper Networks, Meetinghouse and Microsoft have endorsed the effort to put forth open solutions tied to authentication.

New Products & Services: Offering Choice and Flexibility in Strong Authentication

In addition, RSA Security also announced several new products and services, which are expected to provide companies with greater choice in how they manage and protect identities. Each announcement is designed to further RSA Security's ability to deliver a broad platform for creating, storing, managing, proving and leveraging credentials. These include:

o New RSA Authentication Service: RSA Security today announced the RSA Authentication Service, a consumer-focused authentication service that is expected to provide Internet users with enterprise-class protection for their online activities. The service, which will be operated and managed by RSA Security, will present businesses with a straightforward authentication offering designed to allow customers to gain secure access to multiple sites using a single credential. The new RSA Authentication Service will support RSA Security's efforts to provide flexible and cost-effective options for strong authentication. RSA Security plans to launch a pilot program in 2005 and then release commercially.

o New RSA SecurID(R) Appliance: As the need for strong authentication expands outside of the enterprise, small and midsize businesses (SMBs) require solutions tailored to meet their specific needs. The new RSA SecurID Appliance, designed for businesses with fewer than 1,000 employees, will provide a cost-effective strong authentication solution for SMBs worldwide. The appliance solution - a bundled hardware/software offering - will provide an easy-to-deploy and - manage two-factor authentication solution for the SMB market. RSA Security expects to begin delivering the RSA SecurID Appliance through resellers within the United States in April 2005. The appliance is expected to be released globally through the second and third quarters of 2005.

o New RSA SecurID(R) Authenticators: The new USB-enabled RSA SecurID SID800 delivers the levels of security, mobility and reliability associated with traditional RSA SecurID tokens, while significantly expanding credential support and user flexibility. RSA Security's new RSA SecurID SID700 -- 35 percent smaller than the original RSA SecurID key fob authenticator -- is more convenient to carry and use. Both authenticators provide greater flexibility in storing credentials and offer an effective co-branding option. RSA Security will begin delivering the RSA SecurID SID700 tokens immediately. RSA SecurID SID800 authenticators will be available in the second quarter of 2005.

About RSA Security Inc.

RSA Security Inc. helps organizations confidently protect identities and information access. The company secures more than 15 million user identities, safeguards trillions of business transactions annually, and manages the confidentiality of data in tens of thousands of applications worldwide. RSA Security's portfolio of award-winning solutions -- including identity & access management, secure mobile & remote access, secure enterprise access, secure transactions and consumer identity protection -- sets the standard in the industry. Our strong reputation is built on a 20-year history of ingenuity, leadership and proven technologies, and our more than 17,000 customers around the globe. Together with more than 1,000 technology and integration partners, RSA Security inspires confidence in everyone to experience the power and promise of the Internet. For more information, please visit www.rsasecurity.com.

NOTE: RSA, RSA Security, SecurID, the RSA logo and Confidence Inspired are either registered trademarks or trademarks of RSA Security Inc. in the United States and/or other countries. All other products and services mentioned are trademarks of their respective companies.

CONTACT: Dave Howell of RSA Security Inc., +1-781-515-6303, or dhowell@rsasecurity.com

All Topics