September 2018 Cloud Authentication Service Release Highlights
The September release for the RSA SecurID® Access Cloud Authentication Service is now available. In this release RSA continues to add capabilities to further enhance RSA SecurID Access to raise the bar to help customers improve their security posture while still supporting convenient access for end users and administrators.
Providing End Users with Device Registration Self-Service
To provide end users with more autonomy during the device registration process and reduce Help Desk call volume, we are introducing this month a new self-service portal, called “My Page”. RSA understands, however, that while user self-service can dramatically improve the efficiency of your multi-factor authentication program, it cannot become the weak link in your security chain. As such, “My Page” not only provides convenient self-service for your end users, but also provides the security you need to safeguard your digital assets.
Using this portal, an end user can begin the registration process by following the step-by-step instructions displayed on screen that guide them to download the RSA SecurID Authenticate App (from the Apple App Store, Google Play or Microsoft Store). Then, using the installed app, the user can capture a displayed single use QR code containing information for easy app registration. Finally, the user can perform a test authentication to make sure that everything is working as expected. Device Registration in My Page also includes this easy-to-follow video guiding users through this process: https://www.youtube.com/watch?v=mx2c_4p7qo4&feature=youtu.be
Administrators can further increase the security of device registration by requiring multi-factor authentication for access to My Page. Check out this short My Page RSA SecurID Authenticate Device Registration Using RSA SecurID Access My Page, for tips and tricks on how to configure this and other features.
Figure 1. My Page
Supporting Broader User Activity Tracking and Governance
In July, we introduced the Log Events API, a REST-based web services interface allowing customers to retrieve administrator activity log events from the Cloud Authentication Service. This month we’ve added the ability to retrieve end user authentication logs.
For greater security visibility across your organization, you can leverage these REST APIs to share this authentication information with your security information and event management (SIEM) solution, such as RSA NetWitness.
In this way, RSA provides you with improved visibility into the activities of both privileged, administrative users and end users for forensic security, governance auditing and troubleshooting purposes.
For more information on these capabilities, refer to Improved Logging for Security and Audit Compliance
Improved Protection of Windows Login: RSA SecurID® Authentication Agent for Windows v7.4
This month, RSA released a new version of the Windows Agent designed to secure Windows machines when with our award winning RSA SecurID® tokens, and when offline, with our industry leading unique solution that is trusted by many Fortune 500 companies globally. All this to ensure security from the start - allow users and administrators to securely and conveniently access their workstations and servers no matter what the situation calls for.
This new agent framework (architecture) provides a path so customers can adopt future releases supporting the use of MFA and updated Authentication Manager capabilities for secure and convenient Windows protection.
Specific to this release are new capabilities which:
- Expose customers to the updated authentication user interface supported by the latest Microsoft Credential Provider framework as seen natively in the latest versions of Windows and Windows Server, that is more intuitive and friendlier for users trying to authenticate to their machines
- Provide customizable user authentication prompts and help texts so end users can securely authenticate to desktop with minimal friction
- Provide administrators with several high value agent improvements aimed at boosting overall user productivity during machine login.
Faster Time to Value: Expanded Preconfigured Policies
Last month, RSA SecurID® Access introduced predefined access policy templates in all new cloud accounts to help new customers protect their resources faster. Using these policies, new customers need not create custom access policies before configuring their first application. Instead, they can choose from one of the simple preconfigured policies to associate with their applications. This month, we add an additional preconfigured access policy to the initial three delivered in August. The fourth policy applies a context-driven criterion that uses the Identity Confidence attribute to determine if additional authentication is required. This fourth preconfigured access policy is only available to Premium licensed customers.
For further details on these improvements, please refer to the Release Notes here:
and product documentation here:
All of these enhancements make RSA SecurID® Access and even more convenient and secure solution for your authentication needs.