As we all are going through some level of adaptation to the new normal the one thing that hasn’t changed is our continued commitment in rolling out capabilities to our RSA SecurID Access customers. We are excited to provide the following updates as part of the April 2020 release.
Threat Aware Authentication (TAA) v2 - Improved flexibility to support different customer deployments
Our TAA v1 release (last year) supported limited deployment scenarios. The risky users were identified and exchanged based on email addresses. Customers wanted to have more flexibility in identifying and sharing of the user list. We saw this customer enthusiasm and commitment in making TAA capability better.
We have updated TAA (v2) to provide that flexibility in identifying risky users between RSA NetWitness and RSA SecurID Access. Now the identities within the risky user list can be in any prior agreed upon format between the two products.
RSA SecurID Access can identify the users using Primary Username or an Alternate. These attributes can be mapped to any underlying LDAP/AD attribute (e: samAccountName, userPrincipalName, UID etc). RSA NetWitness administrators can now configure which piece of meta-data they want to use to build and exchange the risky user list.
Extend the use of conditional access policy attributes to Enterprise Edition licensed customers
Many of our customers are already using the policy engine to make smart access decisions in protecting a variety of applications. We want to enable more customers in using our policy engine – the true power behind implementing security controls based on your organizational policies. The conditional access attributes used in defining policies helps in harnessing the power of that policy engine.
We are thrilled to announce that our Enterprise Edition licensed customers can start using those conditional access attributes NOW! Those customers can enable policies to provide user access based on dynamic context driven attributes such as countries, trusted locations, trusted networks.
Our premium edition customers are already unleashing the power of these conditional access policy attributes in their access decisions.
Our goal is to enable everyone to make access decisions smarter!!
Enabling our customers to address their privacy concerns
Ability to turn off location collection
Some customers promote preserving user privacy as part of their organizational policy or to comply with regulations. We understand such policies and would like to support our customers in their privacy initiatives. One such privacy related topics is around collecting user location.
Beginning in April release we are providing our customer administrators ability to fully control data collection for location. Enabling or disabling location collection is now within the power of customer administrators through the administration console. Those administrators can choose to turn off location collection for specific policy attributes such as trusted locations, country and Identity Confidence.
Providing visibility into device capabilities used in mobile apps
Some customers would like to have better visibility into how their end-user mobile device capabilities (eg. Camera, Wi-fi connections) are being used by RSA SecurID Software token and RSA SecurID Access Authenticate App. In April release we have enabled our customers with documentation highlighting details on
- The type of permissions required from those mobile devices
- Why we need those permissions and is it mandatory or optional
The primary goal is to educate our customers and their end-users with the right level of information so that any fear, uncertainty and doubt can be addressed when using the mobile apps
We continue to churn cool new capabilities every month. The April release notes provides complete details on other miscellaneous updates coming out in the April 2020 release.