The Suite complements SecurID’s traditional two-factor authentication with identity governance and identity lifecycle management, to create a broad solution the company says defies easy classification.
RSA, The Security Division of EMC – and soon, likely the Security Division of Dell Technologies – has announced a major reworking of its SecurID portfolio. The new offering, the SecurID suite, has the same name as RSA’s traditional two factor authentication product. It goes much beyond that however, adding identity governance and identity lifecycle capabilities in an integrated solution. It also greatly broadens the options for authentication.
Marcus LeCuyer, RSA’s Area VP for Canada, said that the suite caps an exciting evolution since he moved over from EMC to RCA in 2009.
“Now that this is a suite, we can talk about it as an integrated platform more openly,” LeCuyer said.
He indicated that the SecurID Suite isn’t a product that will fit well into conventional categorization that Gartner does.
“It’s going to be hard to put this into a box,” he said. “Gartner won’t create a category that encompasses everything all at once, but that is what this is.”
LeCuyer said the suite covers three categories, starting with secure ID access, which includes SecurID’s traditional two-factor authentications, but also encompassing an identity governance portfolio, and an identity lifecycle portfolio – provisioning.
“This covers all of traditional two-factor authentication, single sign-on, provisioning, governance and lifecycle management,” he said. “At the end of the day, and what we hope Gartner recognizes, is that we are moving from the identity side and moving into single sign-on. It makes us the only vendor with the ability to manage a single identity from the time that it joins an organization. This single platform manages that lifecycle from when a person moves into the organization until they leave it.”
LeCuyer said that this is the wave of the future for platform vendors.
“RSA has 10 competitors in two-factor authentication, 6 competitors in lifecycle management and 3 or 4 in governance,” he said. “There will always be point vendors. But for platform vendors like us, this is where it is headed.”
RSA had all the suite’s technologies before. What’s different now is that they have been fully integrated to work together in a single suite.
“We are now much more tightly aligned around packaging and branding, which should reduce confusion in the market,” LeCuyer said. “We can also offer better pricing scenarios, which allow the customer to move up the stack and mature.”
LeCuyer also said the new suite will allow enterprises to stop having to make a trade-off between security and convenience.
“Before they bought SecureID, but they wouldn’t put it on their cloud apps. They would use a standard out of the box password. With the new packaging, we can provide a perfect balance with single sign-on through strong identification. It lets you balance security and convenience. That’s the real value we are driving here – that you can move up to stack to a cloud application and bridge it with a single platform. You can now access the cloud in a convenient way. You don’t have to pull out a token every time. Tokens will be around as long as customers want to use them, but they do not need to be in play for use cases with a cloud single sign on. You don’t need traditional two-factor authentication for web applications.”
This expansion of authentication methods beyond the traditional tokens includes next-gen mobile-based ones like EyePrint ID technology, TouchID fingerprint identity sensor verification and tap or shake. Users can also leverage traditional RSA SecurID hardware and software tokens, as well as FIDO based authenticators.
“Strong authentication is expanding up the stack anyway,” LeCuyer said. “It has to, because bad people get in using a valid but compromised credential. With this we are stepping up to provide stronger authentication on more applications. We are also opening up the entire cloud conversation, extending full value out into the cloud, while giving just one platform to manage.”
The opportunities here will be channel ones. The original SecureID has been 100 per cent channel for years. In addition, while about 50 per cent of RSA’s business globally has been channel, and 50 per cent direct, in early 2016, RSA announced that it was going 100 per cent partner first, and that direct business not soon closed would be transitioned to the channel.
“Amit Yoran [RSA’s President] and our senior executives believe the channel is critical for our longer term success,” LeCuyer said.
LeCuyer also noted that Canada has been running ahead of RSA globally here.
“We were ahead of the curve in Canada by about a year,” he said. “Last year, we were 70 per cent channel focused and 30 per cent direct, and we started last year to move to 100 per cent channel.”