RSA recently announced the newest version of RSA Via Lifecycle and Governance, and the completion of the RSA Via family of Smart Identity solutions. Improved lifecycle management and governance are critical capabilities for managing identities in today’s environments where cloud and mobility have dramatically transformed business processes and requirements and advanced threat actors increasingly target and exploit identities as a primary attack vector.
RSA Via Lifecycle and Governance (formerly known as Identity Management and Governance, and Aveksa), helps organizations efficiently and reliably deliver users the right access to the right resources from the endpoint to the network to the cloud, without sacrificing security, compliance, or agility. With new automated detection capabilities enforcing access policies and processes, RSA Via Lifecycle and Governance now is designed to improve security through enhanced visibility into authorized and unauthorized changes across the network. This offers enterprises the ability to quickly detect malicious privilege escalation, reverse it, and break a key link in the cyber-attack chain of advanced threats.
Jim Ducharme, Vice President of Engineering and Product Management, RSA, said, “Legacy IAM systems aren’t capable of addressing the constantly evolving requirements of today’s mobile and cloud-based environments. Organizations need to approach identity, security and compliance from a holistic perspective, and adopt solutions that are as agile as and scale to meet the needs of their dynamic enterprise IT environments. With the introduction of RSA Via Lifecycle and Governance, we’ve completed the RSA Via portfolio of smart identity management solutions and given organizations an end-to-end identity solution. RSA Via is built for a world where mobility, cloud computing and advanced threats are all an integral part of the identity management and authentication challenge. We’ve connected the dots between those key pain points in a way no one else can – with an analytics- and risk-based approach to identifying roles, managing identities and locking down one of today’s most common tactics in advanced threats— user compromise and privilege escalation. The enhancements to RSA Via Lifecycle and Governance helps meet the needs of today’s evolving IT landscape, making managing access easier, improving visibility and effectiveness, while also improving governance, efficiency and security for enterprises.”
Jon Oltsik, Principal Analyst, Enterprise Strategy Group, said “Information Security professionals often struggle to maintain a secure IT environment while delivering efficient and reliable access to business systems and resources. Employees want access to business applications from every device, but IT needs to take the appropriate steps to balance user convenience with security and compliance. Leading enterprises are adopting identity management systems that facilitate business agility AND strong security so they can rapidly detect and respond to issues such as malicious privilege escalation.”
Secure Identity Management
Identities and credentials are a primary target for hackers and criminals. With the latest enhancements to RSA Via Lifecycle and Governance, Identity and Access Management (IAM) teams can further contribute to organizational cybersecurity initiatives while helping to ensure their businesses’ identity needs are efficiently and effectively met. By actively validating all user access changes against policy and processes, the RSA solution is engineered to quickly detect unauthorized user access changes – including privilege escalation performed by malicious actors. This capability also detects “out of band” access grants by end users who bypass IT processes, reducing security risk and ensuring consistent enforcement.
RSA Via Lifecycle and Governance helps Security Operations Center (SOC) teams better analyze and triage incidents by providing essential identity context. Enhancing user IDs with detailed views of a user, their job role, and any inappropriate access rights, SOC teams now can more quickly and effectively analyze and remediate security incidents.
Robust, Scalable, and Reliable Identity Management
Organizations demand that their IAM platforms be scalable and reliable to support a 24×7, global business environment. RSA Via Lifecycle and Governance is engineered to provide enhanced enterprise-class scalability and high availability through significant performance improvements, enabling IT to effectively govern and administer 100s, and even 1,000s of applications in an organization. Enhancements to RSA Via Lifecycle and Governance also help allow organizations to collect and process identity data on a more frequent basis, providing better and faster visibility into any user access changes. Additionally, RSA has improved system resiliency to erroneous or corrupted application data.
Information Security teams often struggle to balance the demands of the business – which typically wants broader and faster access – with the need to maintain a strong security and compliance stance. With the new capabilities of RSA Via Lifecycle and Governance, organizations can quickly respond to business needs, without sacrificing security and compliance. IAM teams are now able to more rapidly on-board applications through a wizard-based UI, and leverage improved ease-of-use for workflow, form, and application on-boarding configuration. These capabilities build upon RSA’s philosophy of “configuration, not customization,” enabling IAM teams to more rapidly respond to business needs.
An Integrated Solution – One RSA
RSA Via Lifecycle and Governance completes the new RSA Via portfolio of smart identity solutions, including, RSA Via Access, and RSA SecurID® and complemented by other RSA solutions such as RSA® Adaptive Authentication. With RSA Via, organizations have a comprehensive solution for managing all of their identity needs from the endpoint to the cloud.
Outside of the RSA Via portfolio, RSA Via Lifecycle and Governance integrates with RSA Archer® GRC to enable a consistent and actionable risk model for organizations. Application risk can be shared between RSA Archer GRC and RSA Via Lifecycle and Governance, helping to ensure that core IAM business processes – such as access review frequency and access request approval workflows – reflect risk levels appropriately. RSA Via Lifecycle and Governance can also be used to help prove enforcement of relevant policies and control procedures, reducing risk and meeting compliance requirements defined within RSA Archer GRC.