Security companies RSA and Zscaler are collaborating to develop a new cloud-based solution to help secure access and identities in the cloud.
This was announced during the RSA Conference 2012 in San Francisco yesterday (28 February).
In a statement, the two companies said they are jointly developing a cloud-based solution to assert continuous trust in identities accessing any web application or cloud service.
The solution is designed to help enable organizations to apply policy and control to identities even outside corporate networks, and simplify the challenge of managing user credentials associated with multiple cloud applications and web services, the statement said.
According to the statement, the integration of risk-based authentication and identity federation from RSA's Cloud Trust Authority and RSA Adaptive Authentication solutions along with the inline web security capabilities of Zscaler's Cloud Security service would enable a ubiquitous service for continuous, risk-aware identification of users accessing the Internet.
The solution will include strong user authentication, identity federation, and dynamic risk assessment based on device identification, user behavioral profiling, and vulnerability detection. The combined service being developed will be engineered to help organizations mitigate the risks of data theft, service abuse, and other threats that stem from insufficient authentication, stolen credentials or compromised user devices and accounts.
“Enterprises are shifting mission-critical applications and data into the cloud, and users are becoming more mobile than ever,” said Phillip Hochmuth, IDC Analyst. “As a result more and more access to enterprise resources is occurring from outside corporate networks, using devices not controlled by the enterprise IT teams. Attackers know that they can often steal corporate data more easily by compromising user accounts, sessions and endpoints, rather than attacking the enterprise servers or SaaS applications directly. Zscaler and RSA are developing the industry's only solution to this growing risk by integrating dynamic, behavior–based authentication with a global web security platform that protects users and data across all applications and web destinations.”
“Tight integration between trusted authentication and web security technology delivered as a cloud service will offer much needed defense to counter increasingly sophisticated threats in mobile and cloud environments,” said Art Coviello, Executive Vice President, EMC Corporation and Executive Chairman, RSA. “RSA provides risk-aware authentication which, when combined with Zscaler's Cloud Security service, will help enable continuous identity assurance and policy enforcement in the cloud.”
In addition to development of the cloud service to provide inline identity-awareness, both companies will also work together to jointly market and sell the combined solution, the companies announced.
Sign up for CIO Asia eNewsletters.