Organizations today want to make it easy for users to access protected work resources secured with Passwordless authentication options. When users access protected work resources, they must prove they are who they say they are by authenticating themselves. This is achieved through an initial authentication workflow (Primary Authentication), and conditionally an additional authentication workflow (Step-Up Authentication).
RSA is dedicated to offering Passwordless options for organizations to choose from enabling them to secure access to work resources. Coming soon in the RSA ID Plus October 2023 Release, we will assist admins to deploy Passwordless authentication easily within access policies that are more flexible than before. This new type of access policy is called Access Policy 2.0. Let us explore further how 2.0 Polices help admins easily introduce RSA’s range of Passwordless options such as FIDO, QR-Code and SecurID One-Time Password (OTP) to their organizations compared to the previous 1.0 Policies.
Switching Multiple Resources to Passwordless at Once
2.0 Policies will allow admins to define both Primary and Step-up Authentication options within the same access policy. This saves administrative time should there be a need to modify the Primary Authentication method for a set of resources that use the same access policy.
1.0 Policies limit admins to only configuring Step-Up authentication methods. This makes management of policies difficult because the Primary Authentication method for a 1.0 Policy of each configured resource assigned to that policy must be individually configured for that resource, even if it is the same Primary Authentication method.
Let us use the following example of resource A (Cisco VPN) and resource B (ADP Payroll), each individually configured with Password as the Primary Authentication method but both utilizing the same 1.0 Policy to Step-Up users when needed. If an admin wants to secure both resources with Passwordless options, they will need to individually configure each resource. This will become tedious very quickly if it were 25 resources instead of 2. With a 2.0 Policy, just configure the Primary Authentication methods one time and it will apply to all resources that use the same policy - saving valuable administrative time.
Flexible Passwordless Primary Auth Options
Primary Authentication within 2.0 Policies will provide admins the flexibility to offer users a choice from a set of allowable authentication methods, just like how they can with Step-Up authentication today. Admins now have more Passwordless Primary Authentication methods to choose from within 2.0 Policies including QR-Code, FIDO and SecurID OTP. Aside from that. Admins can also include other methods such as Emergency Access, and not just one, but multiple external Identity Providers (IDPs).
Externally configured Primary Authentication methods paired with 1.0 Policies limit admins to configuring only one authentication method – either Password, FIDO, SecurID OTP or a single external IDP. This makes it inconvenient in cases where not all users have access to authenticate with the one configured Primary Authentication method. At worst this forces admins to use the lowest insecure common denominator method as the Primary Authentication method, which is Password.
Can’t Wait to use 2.0 Policies?
We hope you are just as excited as we are with the new 2.0 Policies. We plan to roll out the ability to use 2.0 Policies within RSA ID Plus in phases, starting with RSA My Page. When the October 2023 Release goes live, there will be no impact to existing My Page customers. When you do decide to make any change to your My Page configuration, you will need to migrate to a 2.0 Policy then.
To make this easy, we have created a one-click migration button that will seamlessly convert your 1.0 Policy to a new 2.0 Policy, as shown in the screenshot above. Don’t forget to review the upcoming October 2023 Release Product Advisory and Release Notes when they go live for more information about 2.0 Policies and other benefits that are related to this feature.
We will post product advisory updates as we continue making product improvements in future releases that will allow other resources to be protected with 2.0 policies. We hope you will include the use of 2.0 Policies as part of your Passwordless journey.
We are excited to have you experience the new wide range of Passwordless authentication solutions with the roll-out of 2.0, and look forward to making your job of managing access easier for you and a great experience for your organization and users.
... View more
Hi I'm trying to deploy the RSA Authentication Manager on KVM (ovirt 4.3) I used the OVA file: rsa-am-vmware-virtual-appliance-188.8.131.52.0.ova. I managed to install it but when I try to configure it, at the NTP configuration screen, if I try to preview the tome from the time source I get an error I can continue past this but when Iget to "5. Summary" and click "Start Configuration" I get this error returned almost immediately and cannot proceed: Quick Setup cannot complete the configuration process. Click here to access the install_logs, and then call RSA Customer Support Has anyone had any success deploying RSA Authentication Manager on KVM? Thanks Angus
... View more
We are in a project to migrate RSA servers to a new platforms . in the process to upgrade old servers to the same version that new servers , I 've upgraded a RSA auth manager from 8.7 to 8.7 SP1 .
Upgrade process seems to have finished ok , log is finished with sucessfully message . But server is unavailable.
Could version 8.7 SP1 has some security process or something similar ?
... View more
Just wanted to say, we have several users who are experiencing this issue:
They are using an Iphone 14 with the latest IOS 16.6.1
When i tried to import a software token he got the error "The imported OTP credential is not intended for this device and has been removed' error. After that i reset the token, he updated the RSA authenticator app (SecureID) but then his app already crashed when inititliasing for the first time. Now he gets:
Error Occurred: Error initializing authenticator app. Please try again later or contact your IT support. This is with the latest app version 4.3.1 (build1).
Appearently we have to wait until it is fixed in 4.3.2?
RSA authentication secureID APP version 4.3.3 Solved our issues!
... View more
new software installed onto lease roll corporate windows pc. installed version is 184.108.40.2062. version on old pc is 220.127.116.112. The window is abnormally huge, there is no way to resize it, and it no longer stays in the same position on the screen like the old one did. the moment I use it, it moves smack-dab in the center of my main monitor which is unacceptable. I went through the registry and see no keys that can be changed to remember position of anything regarding the size. Do such keys exist that can be manually entered? Or how about creating a version that gives the end user some control in settings so they can select for themselves whether they want the window to remain in a certain position or not. I mean, if i moved it to a different monitor and on a specific part of that screen, that means i want it TO STAY THERE!
... View more