RSAS Rsa Security

RSA Security Joins with Microsoft to Bring Strong Authentication to Windows Environments RSA SecurID(R) for Microsoft(R) Windows(R) Solution To Deliver Secure, Simplified Login for Enterprise Windows Users SAN FRANCISCO, RSA(R) CONFERENCE 2004, Feb. 24 /PRNewswire-FirstCall/ -- RSA Security Inc. today announced that it is joining with Microsoft Corp. to deliver stronger security for Microsoft environments by replacing static passwords with strong, two-factor authentication. The new RSA SecurID(R) for Microsoft(R) Windows(R) solution, which will be available through RSA Security, is designed to help Microsoft enterprise customers ensure that valuable desktop and network resources are accessible only by authorized users, while simultaneously delivering a simplified and consistent user login experience. "Despite highly publicized corporate security breaches caused by individuals who have circumvented password systems, many companies still rely on them for user access to desktops and the network domain," said Art Coviello, president and CEO at RSA Security. "RSA Security is working with Microsoft to give Windows enterprise customers a smart, simple alternative to static passwords, enabling them to avoid potentially expensive and damaging security breaches that can occur both inside and outside the firewall." The RSA SecurID for Microsoft Windows solution is designed to provide a simple, consistent user login experience, regardless of whether the user is working on- or offline, remotely orinside the walls of the enterprise. By combining something the user knows (i.e., a secret PIN) with something the user possesses (i.e., a unique RSA SecurID token that generates a random, one- time password every 60 seconds), Microsoft Windows enterprise customers will have an effective, easy way to secure user access to sensitive company information. The RSA SecurID for Microsoft Windows solution is designed to provide significantly greater security than static passwords - without requiring any additional hardware on the desktop. "Customers have told us they want strong, integrated authentication technology," said Michael Nash, corporate VP for the Security Business and Technology Unit (SBTU) at Microsoft. "By using RSA SecurID two-factor authentication in place of traditional static passwords, customers will be able to more positively identify users before giving them access to systems and corporate resources." "At Raymond James Financial, we recognize that password-only security can be risky for protecting access to valuable resources stored on our network or users' desktops - whether that access is being provided online or offline," said Don Richmond, manager, Information Security at Raymond James. "We are thrilled to see RSA Securityworking with Microsoft to provide enhanced security for the Windows environment while simultaneously delivering easier authentication processes for our end users." Providing simple, consistent user login experience both on- and offline Today's user is generally required to remember different passwords, which vary depending on how and from where the user is logging on to the enterprise network. For example, a user's password for accessing the local network may differ from his password for gaining remote access over a connectivity device such as a VPN. Exacerbating the problem is the need to change these passwords frequently based on corporate IT security policies. These multiple login procedures can result in user frustration as well as escalating help-desk administration costs. With the RSA SecurID for Microsoft Windows solution, the user will be prompted for his/her PIN and one-time password upon login, rather than a static password. This information is then directed to the RSA ACE/Server(R) software, which ensures that the user has presented the proper credentials for gaining access. This strong authentication process is engineered to remain consistent - even when the user is disconnected from the network - delivering a common user login experience irrespective of how or from where the user is requesting access. "While users express frustration about their multiple, ever-changing passwords and IT managers worry about poor security, the cost of managing these systems is escalating out of control," said John Girard, vice president and research director at Gartner, Inc, a research and advisory firm. "Merging token authentication with the operating system affords users the benefits of one-time passwords without having to remember multiple passwords, and without needing to be online to a central authentication service." Increasing compliance with industry and government regulations The difficulties associated with password-based authentication are compounded by the inability to efficiently and consistently audit user access to the corporate network. As companies struggle to find effective, manageable procedures to comply with industry and government regulations such as HIPAA, Sarbanes-Oxley, Gramm-Leach-Bliley and others, the RSA SecurID for Microsoft Windows solution is designed to provide the auditing capabilities that can help companies meet these challenging requirements. The RSA SecurID for Microsoft Windows solution captures all Windows desktop and domain login attempts - both remote and local - and centrally logs them in the RSA ACE/Server software. These centralized activity logging and robust reporting capabilities can help organizations comply with government regulations. Product Availability RSA Security anticipates that it will begin limited beta testing in the second quarter of 2004 and it expects that the product will be commercially available in the third quarter of 2004. Customers will be required to have Microsoft(R) Windows(R) 2000, Windows(R) XP or Windows Server(TM) 2003 operating systems, along with a RSA ACE/Server 6.0 Advanced license, the RSA ACE/Agent(R) 6.0 for Windows solution and RSA SecurID tokens in order to implement this solution. Through March 2005, new RSA ACE/Server 6.0 Base license customers, as well as existing Base license customers that have a current maintenance contract, and upgrade to RSA ACE/Server 6.0 software prior to March 31, 2005, will be able to make use of RSA SecurID for Microsoft Windows functionality without having to upgrade to an Advanced license. The solution will be sold directly from RSA Security and through its network of distribution partners. For more details, please visit http://www.rsasecurity.com/go/windows/. About RSA Security Inc. RSA Security Inc. helps organizations protect private information and manage the identities of people and applications accessing and exchanging that information. RSA Security's portfolio of solutions - including identity & access management, secure mobile & remote access, secure enterprise access and secure transactions - are all designed to provide the most seamless e-security experience in the market. Our strong reputation is built on our history of ingenuity, leadership, proven technologies and our more than 14,000 customers around the globe. Together with more than 1,000 technology and integration partners, RSA Security inspires confidence in everyone to experience the power and promise of the Internet. For more information, please visit http://www.rsasecurity.com/. RSA, SecurID, ACE/Server and ACE/Agent are either registered trademarks or trademarks of RSA Security Inc. in the United States and/or other countries. Microsoft, Windows and Windows Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and other countries. All other products and services mentioned are trademarks of their respective companies. For more information: Roger Fortier McGrath/Power Public Relations (408) 727-0351 Tim Powers RSA Security Inc. (781) 515-6212 DATASOURCE: RSA Security Inc. CONTACT: Roger Fortier, McGrath/Power Public Relations, +1-408-727-0351, ; or Tim Powers, RSA Security Inc., +1-781-515-6212, Web site: http://www.rsasecurity.com/

Copyright