RSA and Zscaler concocting cloud authentication cure

RSA forms a partnership with Zscaler to bring better authentication for app use outside the enterprise.

Cloud security

EMC's security division has hooked up with Silicon Valley start-up Zscaler to create a product to make managing identity management outside of corporate networks simpler and more effective.

RSA said the cloud-based service would see its authentication technologies combined with Zscaler's agent-less, hardware-less security service to watch over external use of applications.

Zscaler's product works by pushing access and policy controls to company devices from datacentres that the vendor runs in 150 countries.

All Zscaler customers need to do is point traffic towards those datacentres. That traffic will also be scanned for potential threats.

The combined product will use that Zscaler technology - its ability to monitor users behaviour when accessing apps as well as check for vulnerabilities - with RSA's established authentication services.

We still haven't gotten rid of permiter-based thinking. We do not have a construct or a model for defence in depth. We need that badly.

During a prebrief at the RSA 2012 conference in San Francisco, RSA showed how the authentication rules would change depending on where the worker was.

For mobile device users, it will mean they are first authenticated at the ZScaler Secure Web Gateway.

So if the employee had hooked up to a new device and was attempting to access an app like Salesforce.com, the Zscaler technology would detect that before pushing them to RSA authentication for further questioning. If the worker passed the questions, they would get to access Salesforce.com.

The product will seek to protect against hackers who choose to compromise user accounts and devices, rather than going after business servers.

Intriguingly, the companies will jointly market and sell the solution.

A proof of concept has been designed, but there was no word on when the product was expected to land.

During the press briefing yesterday evening, RSA chairman Art Coviello said the industry had to react to changes in the security landscape and the Zscaler partnership was one way in which EMC's security arm was doing that.

"There has been a confluence of events that has put our industry in a very, very challenging position... IT infrastructure has changed and the nature of the cyber criminals has changed," Coviello said.

"We still haven't gotten rid of permiter-based thinking. We do not have a construct or a model for defence in depth. We need that badly.

"With these changes in the environment and all these things that have gone on... not only do organisations have to manage what they can't directly control, but security companies have to secure what they can't directly control.

"We have our work cut out for us but we have that capability. This industry has been incredible at innovating... but we have to recognise the seriousness of the problem we are dealing with."

Locking down mobiles

RSA also talked up its collaboration with other vendors working in the mobile app and remote working space.

It has secured various deals with the likes of Citrix, Juniper Networks and VMware to embedRSA authentication technology into software such as Receiver, the Junos Pulse VPN and VMware View.

RSA has also formed tighter partnerships with other companies who are attacking the BYOD trend from the apps side, including Good Technology.

Featured Resources

Defeating ransomware with unified security from WatchGuard

How SMBs can defend against the onslaught of ransomware attacks

Free download

The IT expert’s guide to AI and content management

How artificial intelligence and machine learning could be critical to your business

Free download

The path to CX excellence

Four stages to thrive in the experience economy

Free download

Becoming an experience-based business

Your blueprint for a strong digital foundation

Free download

Recommended

Indiana notifies 750,000 after COVID-19 tracing data accessed
data breaches

Indiana notifies 750,000 after COVID-19 tracing data accessed

18 Aug 2021
Pearson fined $1 million for downplaying severity of 2018 breach
data breaches

Pearson fined $1 million for downplaying severity of 2018 breach

17 Aug 2021
Iboss protects web sessions with remote browser isolation
Cloud

Iboss protects web sessions with remote browser isolation

16 Aug 2021
“Great resignation” sparks concern over insider data leaks
data protection

“Great resignation” sparks concern over insider data leaks

13 Aug 2021

Most Popular

Zoom: From pandemic upstart to hybrid work giant
video conferencing

Zoom: From pandemic upstart to hybrid work giant

14 Sep 2021
What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

8 Sep 2021
Google takes down map showing homes of 111,000 Guntrader customers
data breaches

Google takes down map showing homes of 111,000 Guntrader customers

2 Sep 2021