Summary of Article:

TAKING CONTROL OF THE DIGITAL AND MOBILE USER

AUTHENTICATION CHALLENGE
This article discusses the growing demands on authentication systems and the
issues IT is struggling with to protect digital assets and retain control, while achieving
the desired user experience. The article also explained how RSA products can fulfill
user requirement and aid in securing authentication process based on organization
needs.
The expansion of technologies offers flexibility to users to access many online
resources and application such as online banking, emails, and company portals and so
on. As for all the online systems, user requires to set password authentication and most
times user tend to use same known or guessable password for multiple systems and
indirectly will aid in cybercriminals. Next, the article also stated that the ability to
ensure proper authentication is getting more complex when ITs need to control who
can access what information from which device in what locations as user use to switch
between devices and managing this is getting difficult. Besides that, users is also not
taking basic measures to protect their information, such as regularly changing
passwords or using password protection on mobile devices which may ease in hacking.
As technology advanced, the needs to manage various digital identities
addresses issue of being able to fit the right authentication method to the right user, to
the right device, to the right information they are trying to access. One-size-fits-all
access and authorization management solutions no longer effective when users have
many options to access resource without any authentication and perform any
unauthorized action against the policies and security set in the organization. Current
advancement in technologies requires improvement in traditional information security
process and management to eliminate all the possible risks and to be able to face new
challenges while adapting to changing needs and changing user behaviors.
To resolve complex identity and access management challenges due to
technologies advancement such as mobile, social, cloud and big data, RSA comes up
with few solution which are RSA Secure ID, RSA Adaptive Authentication, RSA Identity
Manager and Governance and RSA Access Manager.

Computer Security
MITM 663
i.

RSA Secure ID is a multifactor, OTP authentication technology for secure access

to virtual private networks, wireless access points, remote access firewalls, Web

ii.

applications and network operating systems.

RSA Adaptive Authentication explore in risk-based approach to multifactor
authentication using devic forensics, behavioral analysis and RSA eFraud

iii.

Network.
RSA Identity Manager and Governance allows enterprise-wide visibility into
user access privileges, with automated reporting, monitoring and auditable

iv.

compliance evidence.
RSA Access Manager is a secure access to Web applications with consolidated
access controls for enhanced security, accelerated application deployment and
improved user experience.

RSAs vision is to evolve technology to meet the changing needs of organizations

and protect them as they move into the realms of cloud, mobile, social and big data
and it requires an organization with the ongoing vision and an ecosystem of
partnerships that implies protocols and standards. In this article, four different case
study is discussed which states how improved RSA product which helped to meet
organizations requirement as per the vision.
i.

ADP

RSA Authentication Manager 8.0 provides a better experience for users because can
download office materials directly over the Internet when connected to the VPN or
using VPN-SSL, without compromising on security. Users enter their personal
identification number (PIN) into the software on their computer, and this creates the
passcode that is used to connect.
ii.

BRE Leasing

BRE Leasing able to access all of their usual applications and servers through their
mobile devices with Authentication Manager 8.0 which offers more authentication
choices for end users, as well as the simplicity of managing the virtual platform.
iii.

Geisinger Health System

RSA Access Manager and RSA Federated Identity Manager to manage user
access across the three hospitals. The system allows doctors and nurses in the
Geisinger, Shamokin, and Bloomsburg emergency departments to access critical health
data of each others patients in real time. Geisinger has also rolled out RSA Adaptive
1
Case Study 6

Computer Security
MITM 663
Authentication to provide affiliated and referring physicians with secure access to
patients electronic medical records. Using RSA technology, Geisinger has been able to
mitigate the risk of internal security breaches through centralized management and
control of user authentication and authorization privileges
iv.

Rappattoni

The RSA SecurID system is a great advantage for our MLS customers. RSA
Adaptive Authentication establishes the identity of users by measuring a series of
risk indicators such as device identification, geographical location, and behavioral
profiling. By deploying the technology, Rapattonis customers ensured legitimate users
can securely access the MLS from an office PC, notebook, or remote PC at a client site,
regardless of location. It works by collating fraud indicators with user profiling and
transactional behavioral patterns and identifies behavior and activity patterns that do
not conform to historical patterns and known activities.

2
Case Study 6