Speaking of Security – The RSA Blog and Podcast

For more than 6 years, RSA, the Security Division of EMC, and LexisNexis® Risk Solutions have successfully collaborated in providing RSA’s consumer-oriented Identity Verification service which utilizes dynamic knowledge-based authentication (KBA) to validate user identities in real-time through a series of generated questions within databases containing billions of public and commercially available records.

In continuing this collaboration, we recently saw an opportunity to evolve our relationship so we could each focus more on our core competencies. On March 31, 2013, we sold LexisNexis the RSA Identity Verification service which RSA acquired through its acquisition of Verid in 2007.

• 

So I’ve called the Help Desk before. I’ve been that person on the other end who becomes a statistic, a cost point in the never-ending battle to keep costs low, to stay more efficient. The reasons I’ve had to call the Help Desk are myriad, but more often than not it’s because I’ve locked myself out of something. It’s a pain point for all of us. If you ask organizations what common user issue their Help Desk staff is plagued with the most, it is password resets. In a recent research study we worked with the SANS Institute on, 42% of organizations stated that password reset requests were the number one reason users called most often – so at least I’m not alone.

• 

At the annual SC Magazine Awards, RSA’s defense of access continues to drive the state-of-the-art for the market. First, RSA SecurID maintained its position as the standard by which authentication solutions are judged, garnering the 2013 SC Magazine Award for Best Multifactor Authentication Solution. Additionally, following the mantra of “trust, but verify” RSA’s work in risk analysis and evaluation was also showcased with the award for Best Fraud Prevention for RSA Adaptive Authentication. This award is particularly satisfying as the Conference this week also saw the release of the groundbreaking RSA Authentication Manager 8.0 which brings big data-driven risk analytics to bear to achieve new levels identity assurance in enterprise, cloud and mobile environments.

• 

The new FFIEC Supplemental Guidance on Authentication in an Online Banking Environment is a lengthy document, attempting to tackle an already large yet continually growing problem of malware, identity theft, and cybercrime threatening the very usefulness of online banking. I see no need to get into a detailed explanation of the problem… What I think is worth some effort at the moment is thinking about the next steps of addressing the guidance – financial institutions need to stick with the theme of “Keep It Simple.”

• 

Yes, I am one of those Users. I am one of those Users that I spend a significant part of my job working to educate customers and the industry about. You see, as part of my job, I am issued a laptop by EMC, the parent company of RSA. I am in fact working from that laptop right now. It should also be noted…

• 

If I ever wanted to shine a spotlight on possible various personal flaws of mine, I need look no further than the now commonly accepted consumer activity known as eCommerce. With eCommerce, I can be lazy – who wants to actually go out to the store? With eCommerce, I can be inattentive – eh, I’ll order that last minute and ship it overnight. I can self-justify – hey, if I look online, I know I can find exactly what is wanted, so why bother doing anything else? I do all these things (Mom, Dad, if you read this – I’m sorry) with eCommerce.

•