ABOUT THE RSA SECURID SUITE: IDENTITY ACCESS MANAGEMENT (IAM) EVOLVED SECURING IDENTITY: THE CHALLENGE TO THE ENTERPRISE With the rise of SaaS applications and personal devices in the workplace, the formerly fixed perimeter of the enterprise has become disrupted. For every benefit that has emerged from increased connectivity, new vulnerabilities arise. Consider: • The enterprise landscape now extends across on- premises, mobile, Public and Private Clouds • The need to allow access to corporate applications and data is ever increasing • Unauthorised use of applications, or Shadow IT, has become more common • These conditions have created ‘Islands of Identity’, resulting in security fragmentation • Black hat hackers ceaselessly seek every possible exploit to disrupt vital systems and steal valuable data or assets. Unfortunately, the very same people at the heart of businesses have themselves become unwitting vectors of attack, with 63% of all confirmed data breaches involving weak, default, or stolen passwords. 1 The need for an all-encompassing solution for the enterprise to address these multiple identity-based vulnerabilities – without negatively impacting the user experience – has never been greater. 1 Verizon Data Breach Investigations Report 2016 In response to these challenges, RSA have created the RSA SecurID Suite. By unifying multi -factor Single Sign-on (SSO) authentication with intelligent analytics and policy management, it is the one solution that can provide a common authentication and access control solution for all enterprise resources – wherever they live. 1. RSA SecurID Access Strong, secure access and SSO to all applications and platforms, including Web and SaaS apps, native mobile apps and legacy resources (including VPNs, firewalls, virtual desktops and Windows or Linux servers). A choice of authenticators – hardware or software tokens, wearables, biometrics, and more – for the ultimate balance of security and convenience. With over 400+ integrations with traditional applications and a frictionless user experience, all passwords are stored safely on-premises – never in the Cloud. 2. RSA Identity Governance Simplify the governance of user access across the enterprise, and enhance compliance through automated monitoring, certification, and remediation of user entitlements. RSA Governance grants enterprise-wide visibility into all user access privileges. 3. RSA Identity Lifecycle Automate provisioning and access requests, approval and delivery for streamlined onboarding and transfers, enabling quick connection across all key applications – SaaS or on-premises. Enterprises can leverage their existing provisioning systems – no need to rip and replace. RSA SecurID Suite is composed of: “With identity a sustaining element of digital business, IAM is a critical obligation for business leaders, security and risk professionals, and IT staff. With the advent of digital business, it becomes even more important that IAM initiatives across the organization be united within a single program.” - Gartner, Market Guide for User Authentication, February 2016 IDENTITY & ACCESS MONITORING & ANALYTICS GOVERNANCE, RISK & COMPLIANCE MANAGE INVESTIGATION AUTHENTICATION LAUNCH INVESTIGATION CLOUD RESOURCES ACCOUNT PROVISIONING SINGLE SIGN-ON ACCOUNT PROVISIONING SINGLE SIGN-ON ON-PREMISE RESOURCES STEP-UP AUTHENTICATION STEP-UP AUTHENTICATION ID PASS ****** REAL-TIME MONITORING DATA SALES D8 CUSTOMER D8 EMAIL SEARCH: “TRANSACTION” SEARCH: “CUSTOMER” HR DATA EMPLOYEE INTERNET ALERT! HACKER TOOL ACTIVITY ! ALERT! FAILED ATTEMPT TO ACCESS CONFIDENTIAL INFORMATION ! ALERT! ACTIVITY FROM KNOWN-BAD IP ADDRESS ! SEVERITY: 1 ! ANALYTICS DATA DATA ACCESS WITH STOLEN CREDENTIALS ! ! ! ! INCIDENT REMEDIATED THREAT STOPPED DEFINE CRITICAL ASSETS CRITICAL CONFIDENTIAL ASSET: FINANCIAL RECORDS $ WORKFLOW CRITICAL ASSET: PERSONAL INFORMATION DEFINE CRITICAL ASSETS