EMC's security division has hooked up with Silicon Valley start-up Zscaler to create a product to make managing identity management outside of corporate networks simpler and more effective.
RSA said the cloud-based service would see its authentication technologies combined with Zscaler's agent-less, hardware-less security service to watch over external use of applications.
Zscaler's product works by pushing access and policy controls to company devices from datacentres that the vendor runs in 150 countries.
All Zscaler customers need to do is point traffic towards those datacentres. That traffic will also be scanned for potential threats.
The combined product will use that Zscaler technology - its ability to monitor users behaviour when accessing apps as well as check for vulnerabilities - with RSA's established authentication services.
We still haven't gotten rid of permiter-based thinking. We do not have a construct or a model for defence in depth. We need that badly.
During a prebrief at the RSA 2012 conference in San Francisco, RSA showed how the authentication rules would change depending on where the worker was.
For mobile device users, it will mean they are first authenticated at the ZScaler Secure Web Gateway.
So if the employee had hooked up to a new device and was attempting to access an app like Salesforce.com, the Zscaler technology would detect that before pushing them to RSA authentication for further questioning. If the worker passed the questions, they would get to access Salesforce.com.
The product will seek to protect against hackers who choose to compromise user accounts and devices, rather than going after business servers.
Intriguingly, the companies will jointly market and sell the solution.
A proof of concept has been designed, but there was no word on when the product was expected to land.
During the press briefing yesterday evening, RSA chairman Art Coviello said the industry had to react to changes in the security landscape and the Zscaler partnership was one way in which EMC's security arm was doing that.
"There has been a confluence of events that has put our industry in a very, very challenging position... IT infrastructure has changed and the nature of the cyber criminals has changed," Coviello said.
"We still haven't gotten rid of permiter-based thinking. We do not have a construct or a model for defence in depth. We need that badly.
"With these changes in the environment and all these things that have gone on... not only do organisations have to manage what they can't directly control, but security companies have to secure what they can't directly control.
"We have our work cut out for us but we have that capability. This industry has been incredible at innovating... but we have to recognise the seriousness of the problem we are dealing with."
Locking down mobiles
RSA also talked up its collaboration with other vendors working in the mobile app and remote working space.
It has secured various deals with the likes of Citrix, Juniper Networks and VMware to embedRSA authentication technology into software such as Receiver, the Junos Pulse VPN and VMware View.
RSA has also formed tighter partnerships with other companies who are attacking the BYOD trend from the apps side, including Good Technology.
-
Bigger salaries, more burnout: Is the CISO role in crisis?In-depth CISOs are more stressed than ever before – but why is this and what can be done?
-
Cheap cyber crime kits can be bought on the dark web for less than $25News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
'You need your own bots' to wage war against rogue AI, warns Varonis VPNews Infosec pros are urged to get serious about data access control and automation to thwart AI breaches
-
CrowdStrike CEO: Embrace AI or be crushed by cyber crooksNews Exec urges infosec bods to adopt next-gen SIEM driven by AI – or risk being outpaced by criminals
-
Microsoft security boss warns AI insecurity 'unprecedented' as tech goes mainstreamNews RSA keynote paints a terrifying picture of billion-plus GenAI users facing innovative criminal tactics
-
APIcalypse Now: Akamai CSO warns of surging attacks and backdoored open source componentsNEWS Apps and APIs bear the brunt as threat actors pivot to living off the land
-
AI is changing the game when it comes to cyber securityNews With AI becoming more of an everyday reality, innovative strategies are needed to counter increasingly sophisticated threats
-
RSAC Chairman urges collaboration to ensure collective defense in securityNews Chairman emphasizes the critical need for cooperation among cyber security experts
-
Capita tells pension provider to 'assume' nearly 500,000 customers' data stolenCapita told the pension provider to “work on the assumption” that data had been stolen
-
Gumtree site code made personal data of users and sellers publicly accessibleNews Anyone could scan the website's HTML code to reveal personal information belonging to users of the popular second-hand classified adverts website
