February marks the seventh anniversary of the founding of the FIDO Alliance, an open industry association with a focused mission: modernizing authentication and reducing the world's over-reliance on passwords.
As a leader in multi-factor authentication, and as a longstanding board member of the FIDO Alliance, RSA® paves the way towards the passwordless future – a key tenet of the FIDO Alliance charter. RSA was an early adopter of the original U2F standard and one of the first to be certified as a FIDO2-compliant authentication server. As co-chair of the Enterprise Deployment Working Group, we continue to collaborate on the development of industry best practices, and most recently, we announced a partnership with Yubico, a leader in hardware-based FIDO authenticators.
Why back an open standard like FIDO? At RSA, we are committed to giving customers choice by offering a variety of solutions that simplify digital risk management.
For example, to address today's dynamic workforce challenges, RSA provides the broadest range of enterprise authentication methods. In addition to FIDO2 security keys, our products also support modern mobile-based authentication options (e.g., push notification, biometrics and SMS) and traditional one-time passcode (OTP) hardware tokens. In fact, we believe that enterprises should embrace a user's choice of technologies – such as biometrics – that are already present in the devices they use (e.g., Face ID, Samsung Fingerprint, Windows Hello). Our ultimate goal is to secure access to all apps, regardless of authentication method or where the apps live – on-premises or in the cloud.
Typically, with choice comes complexity. Organizations want to support diverse user populations and use cases, but they also want to manage them centrally. This is why RSA has focused on not only providing choice, but a simplified, yet scalable, Identity Assurance platform. By tapping into an enterprise-grade security platform that makes multiple authentication options easy to deploy and manage, organizations can provide a frictionless experience for users, and let RSA manage the rest.
To further this approach, we're launching the YubiKey for RSA SecurID® Access. The solution combines a FIDO2-enabled hardware device by Yubico with the benefits of RSA SecurID Access and its Identity Assurance platform. It's a secure and convenient option that:
- Addresses critical use cases, such as passwordless login for mobile-restricted environments
- Simplifies the user experience while helping to mitigate stolen credentials and account takeovers
- Enhances both security and convenience with transparent layers of risk-based analysis and anomaly detection
- Secures the entire credential lifecycle – reducing attacks on weak points, such as enrollment and emergency access – while reducing costs
Launching YubiKey for RSA SecurID Access is another step toward giving customers choice and simplicity as they address risks associated with their dynamic workforce. It's also a great way to celebrate open standards and the organizations who are helping the industry move toward a passwordless future. Happy Anniversary FIDO Alliance!
# # #
Join the #TalkingDigitalRisk conversation on Twitter and social media by following @RSAsecurity
Demonstrations of the YubiKey for RSA SecurID® Access will be available at RSA Conference 2020 at booth #N5845. Show attendees can learn more by registering for the "Go Passwordless: FIDO for Dynamic Workforces" session on February 26, 9AM-11AM PT, hosted by RSA® and Yubico. The product is expected to be generally available on March 9, 2020, and more information is available at RSA.com/start.