If you are seeking an alternative to RSA’s rigid workflows, costly maintenance and obstructive user experience, there is a better way. SecureAuth has helped hundreds of RSA customers move to an access control solution that offers more flexibility, visibility and can reduce total cost of ownership by over 50%.
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
Webinar: Goodbye RSA. Hello Modern Authentication.
1. 10th October, 2017
Modern Adaptive
Access Control
SecureAuth
James Romer| Chief Security Architect - EMEA
Bradley Lewington | Account Manager - EMEA
2. • All attendee audio lines are muted
• Submit questions via Q&A panel at any time
• Questions will be answered during Q&A at the end
of the presentation
• Slides and recording will be sent later this week
• Contact us at webinars@secureauth.com
Webinar
Housekeeping
7. Security vs Usability:
Tokens expire
Heavy helpdesk workload
Support for VPN/ADFS only
VPN
ADFS
X SSO
X SaaS
X Traditional applications
8. Security vs Usability:
Tokens expire
Heavy helpdesk workload
Support for VPN/ADFS only
Strict workflows
biometric
authentication
Mobile
authentication
10. Prevents the misuse of stolen
credentials, and
…is easier to use than 2FA and users
aren’t even aware that it’s there?
What if there’s
a solution
that….
…that can work within your existing
infrastructure instead of having to
change to accommodate it?
…only requires a 2FA step if risk is
found
11. BEST POSSIBLE
USER
EXPERIENCE
Multi-Layered Risk Analysis
Only require a MFA step if risk
present
Single Sign-On
Convenience of removing log-in
across multiple systems
User Self-Service
Allow users to help themselves
without a Help Desk call
23. Pre-Authentication Risk Analysis
Do we recognize this device?
Real-time Threat Intelligence
Group membership and attribute checking
Request coming from a known location?
Has an improbable travel event taken place?
Access request coming from within or outside
a geographic barrier
Reduce # of OTPs, block device class, identify
“porting” status, block by carrier
Typing sequences & mouse movements
unique to each user on device
Who should/does have access rights? High
access rights = greater risk/vulnerability
Track normal behavior looking for anomalies
24. Threat Detection: By the Numbers
Snapshot of threats detected by a SecureAuth customer
7,130 Number of suspicious logins prevented by SecureAuth in just 3 weeks
= 14 attacks per hour!
7,103 14 13
Suspicious logins from an
anonymous network
Malicious logins associated with
known cybercriminal activity
Suspicious logins originating
from transparent proxies
The Details:
25. PASSWORD-BASED AUTHENTICATION
Hello, can I
come in?
You need a
Password
Try
“4ccess10”
Wrong!
Try
“4ccess11”
Access
Granted
Hello, can I
come in?
Trusted Device, normal
location, IP reputation low
risk, no anonymous network,
no improbable travel event
and your previous behaviour
is consistent with this request.
Choosing Authentication
Method.
Analyse Risk to Improve the User Experience
RISK-BASED AUTHENTICATION
26. Risk checks allow us to
introduce friction only
when required
+ Support for existing hard tokens
+ Provide a migration path away from
legacy tokens towards true adaptive
and context-aware access control
+ Choose from 25+ authentication
options as required
+ Remove the password, increase
security and improve the user
experience
27. The SecureAuth Solution
Access Control Platform
• Standards Based
• SSO
Strong Authentication
• Multi-factor (two-factor) options
• Adaptive authentication/detection
Empower End Users
• Self-service password reset/ account
unlock / profile update
• Self-enrollment
28. Summary
RSA
+ Expiring tokens increase
operating costs
+ Heavy workload on helpdesk
+ VPN and ADFS only
+ Strict authentication
workflows
+ Obstructive workflows and
impractical management
SECUREAUTH
+ Non expiring MFA methods,
no added cost
+ Help desk service included in
solution
+ VPN, ADFS, SaaS, SSO
+ Flexible workflows for
unobtrusive experience
+ Security and usability made
possible!
29. Next Steps
30-minute Product Demo
Schedule a personalized walk-through
of the product
RSA Upgrade Program
SecureAuth will provide credit for
your remaining RSA contract.
All attendees will get a copy of the
slides, webinar recording and our RSA
migration guide.
All attendee audio lines are muted – this is for everyone listening pleasure
You can submit questions via the Q&A panel at any time throughout the session (it’s located on the right hand side of your console)
Those submitted Questions will be answered during the Q&A at the end of the presentation (and if we run out of time, we will follow-up with you directly)
These slides and a recording of this session will be sent to you later this week, so no need to submit question asking for them
If you have questions related to this webinar or any others, you can always contact us at webinars@secureauth.com
Hard tokens difficult to maintain for service desk. More steps for user to take, carrying hard tokens etc.
What if there was a solution that…
Can promise you security up to the golden standard of five 9s (99.999% effective)
It’s easier than 2FA, most of what is done from a security perspective is done without users even knowing…
Only requires a 2FA step if risk is present…
And it fits into what you already have vs being an expensive rip and replace exercise?
---------
What if I told you that there is a solution that's truly secure, while being easy to use, and easy to implement?
What if there was a solution that…
Can promise you security up to the golden standard of five 9s (99.999% effective)
It’s easier than 2FA, most of what is done from a security perspective is done without users even knowing…
Only requires a 2FA step if risk is present…
And it fits into what you already have vs being an expensive rip and replace exercise?
---------
What if I told you that there is a solution that's truly secure, while being easy to use, and easy to implement?
Best Possible User Experience
Not all users are created equal, but everyone hates additional authentication steps
Getting beyond the old school, multi-step/multi-interruption process helps provide good user experience
Clean authentication experience enhances user adoption and reduces complaints to the security team…the multiple layered silent risk checks we just talked about allow organizations to identify and deny bad access requests, challenge risky ones, and allow good ones right thru without an MFA step
Organization can now balance security needs with user preferences and don’t have to compromise security or user experience…best of both worlds!
We can reduce the number of daily interruptions when accessing organizational resources with SSO, improving productivity by enabling fast and seamless access to the things people need to do their jobs
We can also empower users to help themselves when and if the need arises via self-service tools like password resets, account unlocking, enrollment, updating personal info – all saving both user and IT time.
I’ve spend time talking about why SecureAuth and how we’re different, but it’s always better to hear what an actual customers is saying….