Homepage EMC newsroom

RSA Via Lifecycle and Governance Identity Solution Enhances Cyber Defense While Improving Compliance, Business Efficiency and Performance

Announcement posted by EMC 22 Jul 2015

New Capabilities Speed Detection of Unauthorised Privilege Escalation and Remediation of Account Compromise
STORY HIGHLIGHTS
  • RSA® Via Lifecycle and Governance is designed to contribute critical new and enhanced capabilities to aid detection of advanced attacks, automatically alerting users to unauthorised access changes, including privilege escalations frequently performed by malicious actors who have compromised user identities
  • Integration with RSA Archer® Governance, Risk, and Compliance is engineered to improve visibility for incident handlers through sharing of identity context, and connects access governance and lifecycle processes to the enterprise risk model
  • Helps accelerate business processes for onboarding new users, and streamlining user interface configuration tasks
  • Scalability, reliability and performance enhancements helps ensure IT can effectively govern and administer thousands of applications in an organisation
RSA CONFERENCE ASIA PACIFIC & JAPAN, SINGAPORE, JULY 22, 2015
RSA, The Security Division of EMC (NYSE:EMC), today announced the newest version of RSA Via® Lifecycle and Governance, and the completion of the RSA Via family of Smart Identity solutions. Improved lifecycle management and governance are critical capabilities for managing identities in today’s environments where cloud and mobility have dramatically transformed business processes and requirements and advanced threat actors increasingly target and exploit identities as a primary attack vector. RSA Via Lifecycle and Governance (formerly known as Identity Management and Governance, and Aveksa), helps organisations efficiently and reliably deliver users the right access to the right resources from the endpoint to the network to the cloud, without sacrificing security, compliance, or agility. With new automated detection capabilities enforcing access policies and processes, RSA Via Lifecycle and Governance now is designed to improve security through enhanced visibility into authorised and unauthorised changes across the network. This offers enterprises the ability to quickly detect malicious privilege escalation, reverse it, and break a key link in the cyber-attack chain of advanced threats.

Secure Identity Management
Identities and credentials are a primary target for hackers and criminals. With the latest enhancements to RSA Via Lifecycle and Governance, Identity and Access Management (IAM) teams can further contribute to organisational cybersecurity initiatives while helping to ensure their businesses’ identity needs are efficiently and effectively met. By actively validating all user access changes against policy and processes, the RSA solution is engineered to quickly detect unauthorised user access changes - including privilege escalation performed by malicious actors. This capability also detects “out of band” access grants by end users who bypass IT processes, reducing security risk and ensuring consistent enforcement.
 
RSA Via Lifecycle and Governance helps Security Operations Center (SOC) teams better analyse and triage incidents by providing essential identity context. Enhancing user IDs with detailed views of a user, their job role, and any inappropriate access rights, SOC teams now can more quickly and effectively analyse and remediate security incidents.
 
Robust, Scalable, and Reliable Identity Management
Organisations demand that their IAM platforms be scalable and reliable to support a 24x7, global business environment. RSA Via Lifecycle and Governance is engineered to provide enhanced enterprise-class scalability and high availability through significant performance improvements, enabling IT to effectively govern and administer 100s, and even 1,000s of applications in an organisation. Enhancements to RSA Via Lifecycle and Governance also help allow organisations to collect and process identity data on a more frequent basis, providing better and faster visibility into any user access changes. Additionally, RSA has improved system resiliency to erroneous or corrupted application data.
 
Business Agility
Information Security teams often struggle to balance the demands of the business – which typically wants broader and faster access – with the need to maintain a strong security and compliance stance. With the new capabilities of RSA Via Lifecycle and Governance, organisations can quickly respond to business needs, without sacrificing security and compliance. IAM teams are now able to more rapidly on-board applications through a wizard-based UI, and leverage improved ease-of-use for workflow, form, and application on-boarding configuration. These capabilities build upon RSA’s philosophy of “configuration, not customisation,” enabling IAM teams to more rapidly respond to business needs.
 
An Integrated Solution – One RSA
 
RSA Via Lifecycle and Governance completes the new RSA Via portfolio of smart identity solutions, including, RSA Via Access, and RSA SecurID®  and complemented by other RSA solutions such as RSA® Adaptive Authentication. With RSA Via, organisations have a comprehensive solution for managing all of their identity needs from the endpoint to the cloud.

Outside of the RSA Via portfolio, RSA Via Lifecycle and Governance integrates with RSA Archer® GRC to enable a consistent and actionable risk model for organisations. Application risk can be shared between RSA Archer GRC and RSA Via Lifecycle and Governance, helping to ensure that core IAM business processes – such as access review frequency and access request approval workflows – reflect risk levels appropriately. RSA Via Lifecycle and Governance can also be used to help prove enforcement of relevant policies and control procedures, reducing risk and meeting compliance requirements defined within RSA Archer GRC.

The newest release of RSA Via Lifecycle and Governance will be available in Q3 2015.

Executive Quote:
Jim Ducharme, Vice President of Engineering and Product Management, RSA 
“Legacy IAM systems aren’t capable of addressing the constantly evolving requirements of today’s mobile and cloud-based environments. Organisations need to approach identity, security and compliance from a holistic perspective, and adopt solutions that are as agile as and scale to meet the needs of their dynamic enterprise IT environments. With the introduction of RSA Via Lifecycle and Governance, we’ve completed the RSA Via portfolio of smart identity management solutions and given organisations an end-to-end identity solution. RSA Via is built for a world where mobility, cloud computing and advanced threats are all an integral part of the identity management and authentication challenge. We’ve connected the dots between those key pain points in a way no one else can - with an analytics- and risk-based approach to identifying roles, managing identities and locking down one of today’s most common tactics in advanced threats— user compromise and privilege escalation. The enhancements to RSA Via Lifecycle and Governance helps meet the needs of today’s evolving IT landscape, making managing access easier, improving visibility and effectiveness, while also improving governance, efficiency and security for enterprises.”
 
Analyst Quote
Jon Oltsik, Principal Analyst, Enterprise Strategy Group
“Information Security professionals often struggle to maintain a secure IT environment while delivering efficient and reliable access to business systems and resources. Employees want access to business applications from every device, but IT needs to take the appropriate steps to balance user convenience with security and compliance. Leading enterprises are adopting identity management systems that facilitate business agility AND strong security so they can rapidly detect and respond to issues such as malicious privilege escalation.”
 
ADDITIONAL RESOURCES: For further information please contact - 
Clare Cassidy, Account Manager 

Spectrum Communications 
02 9469 5700 
emc@spectrumcomms.com.au


About RSA
RSA’s Intelligence Driven Security solutions help organizations reduce the risks of operating in a digital world.  Through visibility, analysis, and action, RSA solutions give customers the ability to detect, investigate and respond to advanced threats; confirm and manage identities; and ultimately, help prevent IP theft, fraud and cybercrime.  For more information on RSA, please visit www.rsa.com.