Managing user identities and corporate applications to meet regulatory needs is an obligation an increasing number of organizations have to meet.
But enterprises find some identity management and governance solutions complex and inefficient, especially in an era when departments are adding cloud and mobility applications.
RSA is trying to make its solutions more appealing by adding new capabilities it says will make it easier for infosec pros to carry out their tasks.
The company said Wednesday that its new Via Lifecyle & Governance suite will help administrators run user and application certification campaigns more frequently to achieve compliance.
L&GÂ is actually a merger of RSA’s on-premise IMG suite and the cloud-based My Access Live (MAL). It’s the second suite to be added to the Via identity management line; the first was Via Access, announced in the spring.
RSA also announced improvements to its ECAT endpoint threat detection suite.
Via Lifecyle & Governance automates the management, control and enforcement of access to applications and data.
In an interview Prashant Darisi, senior director for RSA identity management and governance products, said new capabilities include
— the ability to detect malicious or unauthorized change detection, which may lead to inappropriate access;
–“circuit breakers,” that trigger alerts when dramatic change in your ecosystem, either application assets or accounts or user population, are spotted;
–rapid application onboarding through wizards. An administrator just has to point the system to Active Directory and can build a user, entitlement or provisioning collector on the fly, Darisi said. It can also associate a request form to an application that automatically enables self- service.
–the data model has also been updated to allow the suite to “dramatically” speed the ability to add cloud and mobile apps and users, as well as partners.
If a security policy for an application changes from low to high risk the suite can now make the changes automatically, Darisi said.
Via L&G is now sold as either a cloud or on-prem, with the Lifecyle and Governance modules available separately. It is priced per module plus per identity under management.
As for ECAT — an agent-based solution RSA gained with its 2012 purchase of Montreal-based Silicium Security — version 4.1 adds three capabilities:
–native blocking. The suite already identifies problem code. Now a security analyst can set the system to automatically block files or modules on endpoints or a group of machines;
— ECAT risk-scoring system has been boosted to use machine learning. “so it enables an analyst to quickly triage the highest priority issues,” Christina Jasinski, a senior product marketing manager, said in an interview;
— ECAT can now scan endpoints when a device isn’t just connected to the corporate network, but also when it is anywhere and connected to the Internet.
ECAT only works on computers, servers and virtual machines. A version for mobile operating systems is being looked at, Jasinski said.