EMC's security division has hooked up with Silicon Valley start-up Zscaler to create a product to make managing identity management outside of corporate networks simpler and more effective.
RSA said the cloud-based service would see its authentication technologies combined with Zscaler's agent-less, hardware-less security service to watch over external use of applications.
Zscaler's product works by pushing access and policy controls to company devices from datacentres that the vendor runs in 150 countries.
All Zscaler customers need to do is point traffic towards those datacentres. That traffic will also be scanned for potential threats.
The combined product will use that Zscaler technology - its ability to monitor users behaviour when accessing apps as well as check for vulnerabilities - with RSA's established authentication services.
We still haven't gotten rid of permiter-based thinking. We do not have a construct or a model for defence in depth. We need that badly.
During a prebrief at the RSA 2012 conference in San Francisco, RSA showed how the authentication rules would change depending on where the worker was.
For mobile device users, it will mean they are first authenticated at the ZScaler Secure Web Gateway.
So if the employee had hooked up to a new device and was attempting to access an app like Salesforce.com, the Zscaler technology would detect that before pushing them to RSA authentication for further questioning. If the worker passed the questions, they would get to access Salesforce.com.
The product will seek to protect against hackers who choose to compromise user accounts and devices, rather than going after business servers.
Intriguingly, the companies will jointly market and sell the solution.
A proof of concept has been designed, but there was no word on when the product was expected to land.
During the press briefing yesterday evening, RSA chairman Art Coviello said the industry had to react to changes in the security landscape and the Zscaler partnership was one way in which EMC's security arm was doing that.
"There has been a confluence of events that has put our industry in a very, very challenging position... IT infrastructure has changed and the nature of the cyber criminals has changed," Coviello said.
"We still haven't gotten rid of permiter-based thinking. We do not have a construct or a model for defence in depth. We need that badly.
"With these changes in the environment and all these things that have gone on... not only do organisations have to manage what they can't directly control, but security companies have to secure what they can't directly control.
"We have our work cut out for us but we have that capability. This industry has been incredible at innovating... but we have to recognise the seriousness of the problem we are dealing with."
Locking down mobiles
RSA also talked up its collaboration with other vendors working in the mobile app and remote working space.
It has secured various deals with the likes of Citrix, Juniper Networks and VMware to embedRSA authentication technology into software such as Receiver, the Junos Pulse VPN and VMware View.
RSA has also formed tighter partnerships with other companies who are attacking the BYOD trend from the apps side, including Good Technology.
-
LockBit data dump reveals a treasure trove of intel on the notorious hacker groupNews An analysis of May's SQL database dump shows how much LockBit was really making
-
Global cloud spending is booming againNews AWS might be the industry leader by market share, but sluggish growth in Q1 was eclipsed by Microsoft and Google
-
RSAC Conference 2025: AI and quantum complicate securityOrganizations are grappling with the complications of adopting AI for security
-
RSAC Conference 2025 was a sobering reminder of the challenges facing cybersecurity professionalsAnalysis Despite widespread optimism on how AI can help those in cybersecurity, it’s clear that the threat landscape is more complex than ever
-
RSAC Conference day three: using AI to do more with less and facing new attack techniques
-
"There needs to be an order of magnitude more effort": AI security experts call for focused evaluation of frontier models and agentic systemsNews Evaluating the risks of dynamic, evolving AI networks is slow work for cybersecurity analysts
-
Cyber defenders need to remember their adversaries are human, says Trellix research headThere's a growing overlap between nation-state actors and cybercriminals, but these attackers are real people who make mistakes
-
RSAC Conference day two: A focus on what attackers are doingFrom quantum to AI, experts discussed how new and experimental technologies could be used by hackers to access and decrypt sensitive data
-
RSAC Conference Day One: Vibe Is 'All In' on AI for SecurityNews Artificial intelligence took center stage as RSAC Conference looks at how the discussion has moved from generative AI to agentic AI
-
RSAC Conference 2025 live: All the latest from day threeLive blog ITPro is covering RSAC Conference 2025 live – find out all the day-three news right here
