RSA to focus on mobile threats and Pegasus cloud security
Security company shooting for tools to improve mobile authentication
By Tim Greene | Network World US | Published: 06:38, 20 January 2012
RSA Security executives have outlined the company's 2012 product strategy, focusing on mobility, anti-threat and cloud security.
Earlier this week RSA executive chairman Art Coviello revealed that following the attack that compromised RSA SecurID tokens last year, the company has been sought after by others who do not want such an incident to happen to them.
To help businesses better protect data on personal mobile devices, the company is shooting for tools to separate personal data and corporate data and to improve authentication to content accessed through those devices.
Related Articles on Techworld
The roadmap calls for increasing the number of factors in multi-factor authentication by adding factors such as geolocation, biometrics and patterns of behaviour, and applying them based on individual circumstances.
This scheme calls for embedding SecurID technology in mobile phones since they are device users carry with them all the time. The company says partnerships with chip makers will protect secrets such as passwords and encryption keys at a hardware level so if devices are compromised they won't yield them up to attackers.
Anti-threat efforts will give businesses visibility into what devices are being used for as well as avenues for sharing threat intelligence with other businesses, governments and information-sharing organisations such as Information Sharing and Analysis Centers (ISAC).
This plan will require analytic software that can mine enormous amounts of data for actionable intelligence. The company promises an announcement in this area at the RSA 2012 conference next month.
RSA's cloud efforts include Pegasus, a project dedicated to moving the functionality of RSA's current products to cloud environments where they could be sold as services.
The company also is working toward incorporating security in the gear used to build service-provider infrastructure to ensure that cloud services can meet security standards set by businesses as well as governments. This includes the federal push for agencies to hire certified cloud providers rather than build their own infrastructure.
It also includes RSA's contribution to VCE, the joint venture of VMware, Cisco and RSA's parent company, EMC, which collaborates to build Vblocks, bundles of data centre hardware and software.
