Skip navigation
All Places > Products > RSA SecurID Access > Blog > 2018 > October
2018

The October release for the RSA SecurID® Access Cloud Authentication Service (CAS) is now available. This release focuses on expanding the integration options for protecting SAML-based cloud applications for RSA customers.

SAML application protection - expanding integration options

   You can integrate RSA SecurID® Access into your environment to protect cloud-based applications using the Security Assertion Markup Language (SAML).  RSA supports multiple ways to achieve this, but often the simplest approach is “direct to cloud” using the Cloud Authentication Service Identity Provider (IdP).  Using this approach, these applications can be configured without setting up the Single Sign-on (SSO) Agent on the Identity Router (IDR).

   This month, we are releasing enhancements to the Cloud Authentication Service that will enable some of the most popular Software as a Service (SaaS) applications to support the above simplified configuration.These applications are:  Microsoft Office365, ServiceNow and Workday. These additional applications join VMWare and Salesforce in the ability to configure this direct cloud protection. For customers who want to use RSA’s SSO portal for these applications, they can continue to do so. This new capability is aimed at customers who do not use RSA’s SSO portal and prefer to configure a direct CAS-to-application connection for using RSA SecurID® Access multi-factor authentication.

   Note that although the new SAML cloud IdP integration option removes the necessity of configuring the SSO Agent, the IDR’s Enterprise Connector component is still required for accessing your on-premises identity source(s).

Partner Integration Guides for these updated capabilities are now available. Read on for more on our application connectors and reference locations.

 

 

                Fig.1  Configuring cloud IdP SAML applications

 

Expanding MFA reach: monthly connector updates

   RSA Partner Engineering continually releases new and updated RSA SecurID® Access connectors.  Connectors are the bridge between RSA SecurID® Access and the resources it’s protecting.  RSA has hundreds of RSA SecurID® Access connectors available, including those for the leading applications you may be looking for. (see link below for complete list).

   We recently released these new and updated connectors: Bitglass, Dell (Boomi) , Domo, Netmotion Mobility, One Identity, Third Light, Watchguard Fireware XTM and Yardi (Voyager 7S). Additionally, later this week, these new connectors are planned: Cisco ISE Portal, Igloo, Inspired eLearning iLMS. We will also be releasing the updates for Workday, Service Now and Microsoft Office 365 as mentioned previously.

   Our extensive catalog of connectors helps customers extend their use of RSA SecurID® Access - helping protect the resources that matter most to you.  See the catalog at:
https://community.rsa.com/community/products/securid/securid-access/integrations

   For further details on all the new and updated capabilities of the October release, please refer to the Release Notes here:

https://community.rsa.com/docs/DOC-96414 

 

 and product documentation here:

https://community.rsa.com/community/products/securid/securid-access

 

All of these enhancements make RSA SecurID® Access and even more convenient, pervasive and intelligent solution for your authentication needs.

   As a well-informed security professional today, you’ve recognized the need for continuous combat against the increasingly perilous threat landscape, populated by highly skilled and persistent intruders. You’ve known that simple password protection is insufficient to protect “crown jewel” data and want to incorporate multifactor authentication (MFA) for your critical digital assets into your defenses.

So now that you recognize the need to implement multifactor authentication for your organization, where to start?

   Choosing an appropriate set of access policies to fit all your target resources, across all your user populations, can be challenging given all the possible choices available.  Today, there is a wide variety of password alternatives to help deter infiltration, and more are emerging. RSA SecurID Access supports many such methods across hundreds of digital resources from “ground to cloud” - basic VPN protection to latest SaaS cloud applications such as Microsoft Office365.

   To help you navigate the process of selecting the most appropriate authentication methods and policies for your organization, RSA has developed a white paper which discusses RSA Security’s recommended approach for developing multifactor authentication policies for your organization. The key considerations include:

  • Setting clear business goals, to guide tradeoffs between cost, convenience (usability), protection strength and implementation complexity
  • Taking a phased approach to deployment - think big but start small with a limited pilot
  • Assessing your user population, understanding both the risk profile of their resource access and their tolerance for authentication complexity
  • Evaluating the target resources you need to protect, understanding the risk exposure of your business should they be breached
  • Investigate the array of authentication methods available to you, and consider the tradeoffs between security strength, convenience, cost and administrative complexity
  • Taking into account all the above, formulate your access policies, adding in context-based risk analysis to both security and convenience
  • Remembering to include end user education as part of your rollout plan.
  • Formulating your MFA implementation as part of a larger Identity and Access Management (IAM) strategy within your overall Enterprise Security foundation.

   Please see: https://community.rsa.com/docs/DOC-97431

 

   Furthermore, to supplement this guidance, expert assistance is available.  RSA’s highly experienced Professional Services team and certified partners can help you navigate the myriad of access security choices available, following these best practices.

 

   For more on RSA Security’s solutions and services, please visit:  www.rsasecurity.com or consult with your RSA Security representative.

Filter Blog

By date: By tag: