Skip navigation
All Places > Products > RSA SecurID Access > Blog > 2020 > April
2020

As we all are going through some level of adaptation to the new normal the one thing that hasn’t changed is our continued commitment in rolling out capabilities to our RSA SecurID Access customers. We are excited to provide the following updates as part of the April 2020 release.  

 

Threat Aware Authentication (TAA) v2 - Improved flexibility to support different customer deployments

Our TAA v1 release (last year) supported limited deployment scenarios. The risky users were identified and exchanged based on email addresses. Customers wanted to have more flexibility in identifying and sharing of the user list.  We saw this customer enthusiasm and commitment in making TAA capability better.  

 

We have updated TAA (v2) to provide that flexibility in identifying risky users between RSA NetWitness and RSA SecurID Access. Now the identities within the risky user list can be in any prior agreed upon format between the two products.

 

RSA SecurID Access can identify the users using Primary Username or an Alternate. These attributes can be mapped to any underlying LDAP/AD attribute (e: samAccountName, userPrincipalName, UID etc). RSA NetWitness administrators can now configure which piece of meta-data they want to use to build and exchange the risky user list.

 

Extend the use of conditional access policy attributes to Enterprise Edition licensed customers

Many of our customers are already using the policy engine to make smart access decisions in protecting a variety of applications. We want to enable more customers in using our policy engine – the true power behind implementing security controls based on your organizational policies. The conditional access attributes used in defining policies helps in harnessing the power of that policy engine.

 

We are thrilled to announce that our Enterprise Edition licensed customers can start using those conditional access attributes NOW!  Those customers can enable policies to provide user access based on dynamic context driven attributes such as countries, trusted locations, trusted networks.  

 

Our premium edition customers are already unleashing the power of these conditional access policy attributes in their access decisions. 

 

Our goal is to enable everyone to make access decisions smarter!!

 

Enabling our customers to address their privacy concerns

Ability to turn off location collection

Some customers promote preserving user privacy as part of their organizational policy or to comply with regulations. We understand such policies and would like to support our customers in their privacy initiatives.  One such privacy related topics is around collecting user location.

 

Beginning in April release we are providing our customer administrators ability to fully control data collection for location. Enabling or disabling location collection is now within the power of customer administrators through the administration console. Those administrators can choose to turn off location collection for specific policy attributes such as trusted locations, country and Identity Confidence.

 

Providing visibility into device capabilities used in mobile apps

Some customers would like to have better visibility into how their end-user mobile device capabilities (eg. Camera, Wi-fi connections) are being used by RSA SecurID Software token and RSA SecurID Access Authenticate App. In April release we have enabled our customers with documentation highlighting details on

  1. The type of permissions required from those mobile devices
  2. Why we need those permissions and is it mandatory or optional

 

The primary goal is to educate our customers and their end-users with the right level of information so that any fear, uncertainty and doubt can be addressed when using the mobile apps

 

We continue to churn cool new capabilities every month. The April release notes provides complete details on other miscellaneous updates coming out in the April 2020 release. 

As depicted in the 2019 movie Ford v Ferrari, the sports car race 24 Hours of Le Mans is an endurance race that tests the durability of equipment and the will and stamina of participants. For many corporate IT teams, dealing with the sudden, almost overnight transition to an all remote workforce has been an endurance race with similar tests.

 

And in the frenzy of needing to rapidly ramp up remote access to an entire organization and the rush to get authenticators into people’s hands to win the initial leg of the race, the obvious fact that there will be downstream impacts to the stability and performance of your authentication system can easily be overlooked. After all, RSA Authentication Manager is a workhorse that often masks smaller upticks without a hitch.

 

However, as your remote user population explodes, peak authentication rates go through the roof, and associated administrative activities (exacerbated by “newbies” to multifactor authentication) ascend to all-time highs, it is possible for performance slowdowns -- and blinding panic -- to set in.

 

Your RSA SecurID solution, normally a rock of IT stability, is going sideways...  “The RSA is broken”...  What is happening?!?!?

 

Don't worry. Everything is going be alright after making the necessary adjustments.

 

It is important that you take a systematic approach to reviewing your RSA environment and evaluating key areas for “redlining” conditions that ultimately result in a poor user experience of one sort or another. These key areas include both underlying system resources as well as RSA configuration parameters.

 

Extensive RSA performance tuning guidance is available through documents posted under the “Optimize & Tune” section of the new RSA Remote Workforce Resource Center.

 

Over its 30+ year history, RSA SecurID Access has established itself as a proven winner, capable of standing up to the biggest challenges...  even while running at high RPMs.

Filter Blog

By date: By tag: