• Press Release

    July 22, 2015

    RSA Via Lifecycle and Governance Identity Solution Enhances Cyber Defense While Improving Compliance Business Efficiency and Performance

    New Capabilities Speed Detection of Unauthorized Privilege Escalation and Remediation of Account Compromise

    Story Highlights

    • RSA® Via Lifecycle and Governance is designed to contribute critical new and enhanced capabilities to aid detection of advanced attacks, automatically alerting users to unauthorized access changes, including privilege escalations frequently performed by malicious actors who have compromised user identities
    • Integration with RSA Archer® Governance, Risk, and Compliance is engineered to improve visibility for incident handlers through sharing of identity context, and connects access governance and lifecycle processes to the enterprise risk model
    • Helps accelerate business processes for onboarding new users, and streamlining user interface configuration tasks
    • Scalability, reliability and performance enhancements helps ensure IT can effectively govern and administer thousands of applications in an organization


    RSA, The Security Division of EMC (NYSE:EMC), today announced the newest version of RSA Via ® Lifecycle and Governance, and the completion of the RSA Via family of Smart Identity solutions. Improved lifecycle management and governance are critical capabilities for managing identities in today's environments where cloud and mobility have dramatically transformed business processes and requirements and advanced threat actors increasingly target and exploit identities as a primary attack vector. RSA Via Lifecycle and Governance ( formerly known as Identity Management and Governance, and Aveksa), helps organizations efficiently and reliably deliver users the right access to the right resources from the endpoint to the network to the cloud, without sacrificing security, compliance, or agility. With new automated detection capabilities enforcing access policies and processes, RSA Via Lifecycle and Governance now is designed to improve security through enhanced visibility into authorized and unauthorized changes across the network. This offers enterprises the ability to quickly detect malicious privilege escalation, reverse it, and break a key link in the cyber-attack chain of advanced threats.

    Secure Identity Management

    Identities and credentials are a primary target for hackers and criminals. With the latest enhancements to RSA Via Lifecycle and Governance, Identity and Access Management (IAM) teams can further contribute to organizational cybersecurity initiatives while helping to ensure their businesses' identity needs are efficiently and effectively met. By actively validating all user access changes against policy and processes, the RSA solution is engineered to quickly detect unauthorized user access changes - including privilege escalation performed by malicious actors. This capability also detects “out of band” access grants by end users who bypass IT processes, reducing security risk and ensuring consistent enforcement.

    RSA Via Lifecycle and Governance helps Security Operations Center (SOC) teams better analyze and triage incidents by providing essential identity context. Enhancing user IDs with detailed views of a user, their job role, and any inappropriate access rights, SOC teams now can more quickly and effectively analyze and remediate security incidents.

    Robust, Scalable, and Reliable Identity Management

    Organizations demand that their IAM platforms be scalable and reliable to support a 24x7, global business environment. RSA Via Lifecycle and Governance is engineered to provide enhanced enterprise-class scalability and high availability through significant performance improvements, enabling IT to effectively govern and administer 100s, and even 1,000s of applications in an organization. Enhancements to RSA Via Lifecycle and Governance also help allow organizations to collect and process identity data on a more frequent basis, providing better and faster visibility into any user access changes. Additionally, RSA has improved system resiliency to erroneous or corrupted application data.

    Business Agility

    Information Security teams often struggle to balance the demands of the business – which typically wants broader and faster access – with the need to maintain a strong security and compliance stance. With the new capabilities of RSA Via Lifecycle and Governance, organizations can quickly respond to business needs, without sacrificing security and compliance. IAM teams are now able to more rapidly on-board applications through a wizard-based UI, and leverage improved ease-of-use for workflow, form, and application on-boarding configuration. These capabilities build upon RSA's philosophy of “configuration, not customization,” enabling IAM teams to more rapidly respond to business needs.

    An Integrated Solution – One RSA

    RSA Via Lifecycle and Governance completes the new RSA Via portfolio of smart identity solutions, including, RSA Via Access, and RSA SecurID® and complemented by other RSA solutions such as RSA ® Adaptive Authentication. With RSA Via, organizations have a comprehensive solution for managing all of their identity needs from the endpoint to the cloud.

    Outside of the RSA Via portfolio, RSA Via Lifecycle and Governance integrates with RSA Archer ® GRC to enable a consistent and actionable risk model for organizations. Application risk can be shared between RSA Archer GRC and RSA Via Lifecycle and Governance, helping to ensure that core IAM business processes – such as access review frequency and access request approval workflows – reflect risk levels appropriately. RSA Via Lifecycle and Governance can also be used to help prove enforcement of relevant policies and control procedures, reducing risk and meeting compliance requirements defined within RSA Archer GRC.

    The newest release of RSA Via Lifecycle and Governance will be available in Q3 2015.

    Executive Quote:

    Jim Ducharme, Vice President of Engineering and Product Management, RSA 

    “Legacy IAM systems aren't capable of addressing the constantly evolving requirements of today's mobile and cloud-based environments. Organizations need to approach identity, security and compliance from a holistic perspective, and adopt solutions that are as agile as and scale to meet the needs of their dynamic enterprise IT environments. With the introduction of RSA Via Lifecycle and Governance, we've completed the RSA Via portfolio of smart identity management solutions and given organizations an end-to-end identity solution. RSA Via is built for a world where mobility, cloud computing and advanced threats are all an integral part of the identity management and authentication challenge. We've connected the dots between those key pain points in a way no one else can - with an analytics- and risk-based approach to identifying roles, managing identities and locking down one of today's most common tactics in advanced threats— user compromise and privilege escalation. The enhancements to RSA Via Lifecycle and Governance helps meet the needs of today's evolving IT landscape, making managing access easier, improving visibility and effectiveness, while also improving governance, efficiency and security for enterprises.”

    Analyst Quote

    Jon Oltsik, Principal Analyst, Enterprise Strategy Group

    “Information Security professionals often struggle to maintain a secure IT environment while delivering efficient and reliable access to business systems and resources. Employees want access to business applications from every device, but IT needs to take the appropriate steps to balance user convenience with security and compliance. Leading enterprises are adopting identity management systems that facilitate business agility AND strong security so they can rapidly detect and respond to issues such as malicious privilege escalation.”


    About Dell

    EMC Corporation is a global leader in enabling businesses and service providers to transform their operations and deliver IT as a service. Fundamental to this transformation is cloud computing. Through innovative products and services, EMC accelerates the journey to cloud computing, helping IT departments to store, manage, protect and analyze their most valuable asset – information – in a more agile, trusted and cost-efficient way. Additional information about EMC can be found at www.EMC.com.

    About RSA

    RSA’s Intelligence Driven Security solutions help organizations reduce the risks of operating in a digital world. Through visibility, analysis, and action, RSA solutions give customers the ability to detect, investigate and respond to advanced threats; confirm and manage identities; and ultimately, help prevent IP theft, fraud and cybercrime. For more information on RSA, please visit www.rsa.com.

    RSA, Archer, SecurID and EMC are either registered trademarks or trademarks of EMC Corporation in the United States and/or other countries. Android is a trademark of Google Inc. All other company and product names may be trademarks of their respective owners.

    This release contains “forward-looking statements” as defined under the Federal Securities Laws. Actual results could differ materially from those projected in the forward-looking statements as a result of certain risk factors, including but not limited to: (i) adverse changes in general economic or market conditions; (ii) delays or reductions in information technology spending; (iii) the relative and varying rates of product price and component cost declines and the volume and mixture of product and services revenues; (iv) competitive factors, including but not limited to pricing pressures and new product introductions; (v) component and product quality and availability; (vi) fluctuations in VMware, Inc.’s operating results and risks associated with trading of VMware stock; (vii) the transition to new products, the uncertainty of customer acceptance of new product offerings and rapid technological and market change; (viii) risks associated with managing the growth of our business, including risks associated with acquisitions and investments and the challenges and costs of integration, restructuring and achieving anticipated synergies; (ix) the ability to attract and retain highly qualified employees; (x) insufficient, excess or obsolete inventory; (xi) fluctuating currency exchange rates; (xii) threats and other disruptions to our secure data centers or networks; (xiii) our ability to protect our proprietary technology; (xiv) war or acts of terrorism; and (xv) other one-time events and other important factors disclosed previously and from time to time in the filings of EMC Corporation, the parent company of RSA, with the U.S. Securities and Exchange Commission. EMC and RSA disclaim any obligation to update any such forward-looking statements after the date of this release.