RSA SecurID Access Prime Team

Prime 101: A Customer Introduction

Blog Post created by RSA SecurID Access Prime Team Employee on Feb 28, 2019

Why Does RSA SecurID Access Prime (formerly AM Prime) Exist?

In today’s consumer-experience driven IT world, the flexibility and extensibility to meet unique, new, and emerging use cases, as well as to provide for tailored end-user experience, are critical.

 

The RSA Professional Services Prime offering is designed to complement and augment RSA’s SecurID Access product platform, providing customers with an extensible framework to adopt, adapt, and extend usage and administration of RSA multifactor authentication (MFA) and to accelerate customer Time-to-Value (TTV) with RSA Identity solution deployments.

 

What is RSA SecurID Access Prime?

Prime is an RSA Professional Services software package add-on that provides RSA SecurID Access customers with a framework and tools to achieve additional levels of efficiency, extensibility, and flexibility with their RSA SecurID Access 2FA/MFA deployments.  Ultimately, Prime enables large-scale customers to realize a higher Return on Investment (ROI) through a tailored-fit RSA SecurID Access solution and a lower Total Cost of Ownership (TCO) by way of operational savings. 

 

The highly adaptable but common framework that Prime delivers ensures RSA supportability without sacrificing the ability to provide customer unique solutions for authenticator lifecycle management (e.g., joiner/mover/leaver use cases), 3rd party system integrations, and RSA authentication application development.

 

The current Prime package encompasses the components outlined in the table below:

 

Prime ComponentDescriptionKey Differentiators
Prime Authentication Integration Services (AMIS)

RSA PS software kit that facilitates & simplifies integration with RSA SecurID Access platform (both AM & Cloud).

  • Web services integration layer for administration and authentication integrations
  • Supporting services and utilities (invitation system, workflow engine, email notification system
  • Set of simple, stateless REST web service calls to support all RSA authentication methods -- with abstraction from underlying RSA product versions
  • Fat client and web solutions can integrate authentication without needing to maintain individual agent records, sdconf.rec details, etc.
  • Supports central, load balanced, redundant auth hub architectures
  • Supports integration with other authentication systems, i.e. external challenge question providers
Prime Self-Service web portal framework (SSP)

Highly-configurable end-user web portal supporting self-service functionality across all RSA authenticator types, including Cloud MFA:

  • Authenticate Enrollment
  • Request SecurID token
  • Replace SecurID token
  • Change/Set SecurID PIN
  • Resync SecurID token
  • Clear Security Questions
  • Test Authenticator
  • Report Lost Authenticator
  • Reset AD Password
  • All RSA authentication options available for self-service portal access
  • Branding and tailoring of communications (HTML emails and web pages)
  • Enhanced security controls including: step-up auth challenges, white-lists, group controls, end user notifications, etc.
  • Bulk on-boarding with invitation
  • Deployment flexibility
  • Readily customizable by RSA PS for additional features/functionality
Prime Help Desk web portal framework (HDAP)

Provides web interface for front line help desk personnel, particularly for customers that may have hundreds of globally distributed help desk staff.  Streamlined UI for SecurID token user look up and troubleshooting.

 

Often used in combination with Prime Self-Service.

  • Do not need to extend AM Security Console access to broad help desk staff
  • Operates on single-user (e.g., no bulk operations)
  • Branding and tailoring of web pages, including language and localization
  • Deployment options (multi-tenant)
  • Initiate end-to-end user enrollment process with HDAP triggered invitation
  • Identity Verification via Help Desk initiated MFA or SMS challenge

 

Note that, on the surface and from a very high-level, there appear to be many overlaps in functionality with RSA SecurID Access product components.  The “differentiators” column highlights specific key differences.  RSA SecurID Access Prime is only for those customers that have requirements that drive into one or more of these areas of differentiation.

 

For overview diagrams of the RSA SecurID Access Prime solution, refer to Prime 101: Prime in Pictures.

 

Who is RSA SecurID Access Prime Intended For?

RSA SecurID Access Prime is particularly geared towards customers with large-scale or otherwise customer-specific 2FA/MFA solution requirements.  As with RSA SecurID Access itself, Prime applicability cuts across all vertical segments but is especially relevant for Financial Services, Health Care, and Technology Services sectors.

 

How is RSA SecurID Access Prime Delivered?

RSA SecurID Access Prime is delivered as an RSA Professional Services offering which has 3 elements:

  1. The Prime software package itself
  2. Annual support and maintenance on the Prime software package
  3. RSA Professional Services to assist with customer-specific Prime solution design, installation and configuration

 

How Can I Learn More?

Follow the RSA Link Prime Community page to stay informed on RSA SecurID Access Prime and solutions enabled by RSA SecurID Access.

 

If you would like more details on purchasing RSA SecurID Access Prime from RSA Professional Services, please contact your RSA sales representative.

Outcomes