SOLUTION BRIEF
SecurID Authentication ®
Modern authentication for today’s identity challenges
As organizations turn on a growing number of on-premises, cloud and mobile
applications, their attack surfaces increase, as does the probability that a single
compromised identity can lead to a catastrophic data breach. With most attacks
Transforming Secure relying on compromised identities somewhere in the chain, identity has become the
Access most consequential threat vector that organizations are facing today.
SecurID authentication
Now more than ever, organizations need a high level of assurance that users are
delivers a comprehensive
who they say they are. But to be effective, and to ensure their businesses stay
set of modern capabilities
agile, they also need a secure access solution that won’t slow users down, but
so you can protect what
instead provide them with a common and convenient experience to any application,
matters most. You need
from any device.
authentication that’s:
• Convenient for Secure access on-premises and in the cloud
end users and easy
Most midsize to large organizations have hundreds of applications
for IT to deploy
deployed and in use. It’s not just the number that poses a challenge,
and maintain
but the fact that they have a mix of on-premises, cloud and mobile
• Intelligent and uses resources—all of which need protected access.
real-time context
RSA provides the most reliable multi-factor authentication (MFA)
to challenge to the
solution for on-premises applications like virtual private networks (VPNs) and for
level of risk
cloud and mobile applications, including Office 365, Salesforce and Workday.
• Pervasive and can be
deployed everywhere For over twenty years, RSA’s dedicated partner engineering team has been working
hand-in-hand with leading technology vendors to test, certify and support all of
That’s SecurID our application integrations, to ensure that your security works flawlessly out of
authentication from RSA. the box, and keeps working smoothly even after application providers patch and
update their code.
Whether you’re new to MFA or have been using it for years, RSA provides a single,
strong authentication platform that enables secure access everywhere.
�Secure and convenient authentication methods
While employees will always be a main concern, organizations have
a growing need to provide third parties access. Contractors, partners
and customers all need access, for a variety of reasons and use
scenarios—and all with different preferences and requirements.
Users need easy and convenient access, while you need the confidence of knowing
they are who they say they are. With RSA, you don’t have to trade convenience
for security. In addition to SecurID award-winning tokens, we offer a broad set
of authentication options that work directly on users’ mobile phones—including
push to approve, biometrics, SMS and more—ensuring you have the “right size”
authentication for each user and every use case.
Whether you need the “air gap” security hardware tokens uniquely provide or the
low touch capabilities of SMS, RSA delivers a solution that’s easy for users to use,
and for you to deploy, while giving you peace of mind that your most sensitive
assets are protected.
Going beyond multi-factor
For added security and improved usability, we’ve taken authentication
beyond simply two or three factors. SecurID authentication uses
machine learning behavioral analytics, business context and threat
intelligence to draw a comprehensive picture of the user and the risks
associated with their access.
Analyzing contextual attributes related to when and where an access request
Push-to-Approve
comes from, the security posture of a device, the user’s role and sensitivity of the
application, and whether they’ve been associated with known fraud or exposed to
known threats, provides a 360-degree view of the risk associated with user access.
SecurID automatically, and without requiring any intervention, calculates an identity
confidence score (Low or High) for each user, based on a variety of data points. By
doing this in real time, organizations can automatically challenge users based on the
level of risk—ensuring that high risk is met with high security, while low-risk cases
are afforded the convenience of not being asked for any additional authentication.
Simplifying authentication requirements
With a large number of applications to support, and an increasing
variety of ways to verify users and measure access risk, organizations
need an easy way to pull it all together—a simple way to define their
authentication requirements.
Since different use cases require different levels of authentication, SecurID provides
organizations an easy way to configure authentication options based on the user,
application, context and risk information it collects.
Mobile OTP
SecurID Authentication | 2
�SecurID assurance levels enable organizations to simply group their use-case requirements into three levels—Low, Medium
and High assurance. Each level corresponds to the relative strength of security organizations require for a particular
application or use scenario. Low-risk scenarios need low levels of assurance (verification), while those of the higher-risk
variety may require different, more secure types of access controls.
SecurID core components
SecurID
Assurance Contextual
Levels CA
PA
BIL
I
TIE
User Behavior Policy
S
Management
Single Sign-On User Self-Service
CO
MP
(on-prem or cloud) (i.e. push, bio, tokens, SMS,etc.)
ON
EN
TS
Machine Learning
Service (SaaS) (Agents and APIs) Risk Engine
Cloud Authentication Service is a software-as-a-service (SaaS) access and authentication platform that provides single
sign-on (SSO) and MFA for SaaS, cloud, web and mobile applications. The Cloud Authentication Service can also accept
authentication requests from third-party SSO solutions or cloud applications that have been configured to use SecurID as
the identity provider (IdP) for authentication.
SecurID Authentication Manager verifies authentication requests, and centrally administers authentication policies,
SecurID tokens, users, agents and resources across physical sites, to help secure access to on-premises, cloud and web-
accessible applications such as VPNs and web portals.
Agents and APIs: We provide connectors and standard agents for SAML and RADIUS-based applications, as well as for
IIS/Apache, Windows, Unix/Linux and ADFS. In addition, a REST-based API enables organizations to add MFA to their
custom applications.
About RSA
RSA provides trusted identity and access management for 12,000 organizations around the world, managing 25 million
enterprise identities and providing secure, convenient access to millions of users. RSA empowers organizations to thrive
in a digital world, with complete capabilities for modern authentication, lifecycle management and identity governance.
Whether in the cloud or on-premises, RSA connects people with the digital resources they depend on everywhere they
live, work and play. For more information, go to RSA.com.
©2022 RSA Security LLC or its affiliates. All rights reserved. SecurID, RSA and the RSA logo are registered trademarks or trademarks of RSA
Security LLC or its affiliates in the United States and other countries. All other trademarks are the property of their respective owners. RSA
believes the information in this document is accurate. The information is subject to change without notice. 05/22 Solution Brief
