Press Releases

Unedited news and product information from vendors.

RSA Delivers Centralized Management of Diverse Credentials to the Enterprise Market
Sep 18, 2007 (08:09 AM EDT)


LONDON, Sept. 18 /PRNewswire/ -- GARTNER IT SECURITY SUMMIT -- RSA, The Security Division of EMC , today announced a new version of the RSA(R) Card Manager solution that is designed to enable enterprises to manage diverse credentials centrally throughout all phases of the credential lifecycle -- from issuance to post-issuance management.

RSA SecurID(R) two-factor authentication customers with existing or planned public key infrastructure (PKI) applications can now manage their full set of credentials from a single management platform, regardless of their mix of one-time passwords, digital certificates and form factors. With more than 30 million RSA SecurID authenticators shipped to date, and the growing use of PKI-enabled applications, the newest capabilities of RSA Card Manager are both timely and relevant for businesses in every sector.

Diverse Credentials Bolster Security but Pose Management Challenge

The need for credentials of various types -- one-time passwords, digital certificates, usernames/passwords -- continues to evolve as enterprises seek more efficient and cost-effective ways of securing a growing number of applications as well as the exponential explosion in business data. As companies, particularly those in highly-regulated industries, seek to bolster security via digital signing, secure email, secure transactions and hard disk encryption, they are considering a mix of credentials to serve the wide- ranging needs and risk levels across disparate user populations. Enterprises are seeking to put the most appropriate credentials in the hands of each user -- and this matching of credential type with risk level is critical to an enterprise's overall security posture.

"Enterprises are able to tap more of their potential by strengthening security through the use of diverse credentials," said Christopher Young, Vice President and General Manager, Identity and Access Assurance Group at RSA, The Security Division of EMC. "However, with a mix of credentials comes a serious management challenge: the security value offered by those credentials can be significantly undermined by inefficient, disjointed administration. Unified management of an enterprise's full mix of credential types across the entire credential lifecycle is essential to mitigating security risk."

New Functionality Engineered to Enable Unified Management of Mixed Credentials

Building on proven functionality, the new release of RSA Card Manager is designed to bring centralized management of diverse credentials to the enterprise. Now fully integrated with RSA(R) Authentication Manager -- the power behind RSA SecurID two-factor authentication -- RSA Card Manager is newly built to issue and manage RSA SecurID credentials, including RSA SecurID hardware authenticators and software tokens installed on smart cards.

For enterprises, this new functionality means they can now tightly manage their credentials, whatever the current or future mix may be, from a single management platform. RSA Card Manager is designed to equip enterprise security managers to administer every phase of the credential lifecycle centrally, enabling them to efficiently:

-- Enroll users and verify their identities -- Install and secure credentials on devices -- Print smart cards (including printed credentials such as photographs, 2-D barcodes and user information) -- Drive the distribution program -- Manage self-service requests such as PIN resets -- Facilitate replacements and emergency access -- Renew and suspend/revoke credentials

This close management of an enterprise's full set of credentials closes the security gaps that are created when changes to the business -- or to a user's status -- outpace the ability to update credentials to reflect those changes. For example, a user whose employment is suddenly terminated may have access to critical, confidential information and that access may be governed by various types of credentials on one or more devices. The speed with which all of those credentials can be revoked will significantly help lower the risk borne by the enterprise when such changes occur.

U.S. Federal Government's HSPD-12 Initiative Influences Highly Regulated Enterprises

HSPD-12, a directive driving U.S. federal government employees and contractors to use a smart card for both physical and logical access, has not only substantially changed credentialing in the federal market, but is also influencing the credential management strategies of some large enterprises. In addition to enterprises that contract with the federal government and must therefore comply with HSPD-12, enterprises in highly regulated industries such as financial services, banking, healthcare, and biotechnology, are recognizing a need to establish trusted identities with managed credentials for physical and logical access. As they look for systems with established and secure technology, and proven credentialing workflows, the HSPD-12 / FIPS-201 standard offers an excellent model. As RSA SecurID two-factor authentication is widely deployed in these vertical industries, the new release of RSA Card Manager is highly relevant to their overall credential management strategies.

Availability

The new version of the RSA Card Manager solution is available beginning September 2007. For more information, please visit www.rsa.com/rsacardmanager .

About RSA

RSA, The Security Division of EMC, is the premier provider of security solutions for business acceleration, helping the world's leading organizations succeed by solving their most complex and sensitive security challenges. RSA's information-centric approach to security guards the integrity and confidentiality of information throughout its lifecycle -- no matter where it moves, who accesses it or how it is used.

RSA offers industry-leading solutions in identity assurance & access control, encryption & key management, compliance & security information management and fraud protection. These solutions bring trust to millions of user identities, the transactions that they perform, and the data that is generated. For more information, please visit www.RSA.com www.EMC.com and .

RSA and SecurID are registered trademarks and/or trademark of RSA Security Inc. in the U.S. and/or other countries. EMC is a registered trademark of EMC Corporation. All other products and/or services mentioned are trademarks of their respective companies.

This release contains "forward-looking statements" as defined under the Federal Securities Laws. Actual results could differ materially from those projected in the forward-looking statements as a result of certain risk factors, including but not limited to: (i) adverse changes in general economic or market conditions; (ii) delays or reductions in information technology spending; (iii) risks associated with acquisitions and investments, including the challenges and costs of integration, restructuring and achieving anticipated synergies; (iv) risks associated with the VMware IPO, including the inability to manage successfully and complete the IPO, and risks associated with trading of VMware stock if the IPO is completed; (v) competitive factors, including but not limited to pricing pressures and new product introductions; (vi) the relative and varying rates of product price and component cost declines and the volume and mixture of product and services revenues; (vii) component and product quality and availability; (viii) the transition to new products, the uncertainty of customer acceptance of new product offerings and rapid technological and market change; (ix) insufficient, excess or obsolete inventory; (x) war or acts of terrorism; (xi) the ability to attract and retain highly qualified employees; (xii) fluctuating currency exchange rates; and (xiii) other one-time events and other important factors disclosed previously and from time to time in filings with the U.S. Securities and Exchange Commission by EMC Corporation, the parent company of RSA. EMC and RSA disclaim any obligation to update any such forward-looking statements after the date of this release.

CONTACT: Jessica Hawks, +1-781-515-6067, jhawks@rsa.com; Sandra Heikkinen,+1-212-905-6043, , both for EMC Corporation

Web site: http://www.emc.com/ http://www.rsa.com/