Managing Risk - Centralized Security Management Infrastructure

Now how does RSA Access Manager manage risk? Traditionally, organizations routinely create and manage user identities and manage authentication and access in 25, 50, or even more individual applications and systems, often using manual or semi-automated processes. The redundancy, potential for security violations, data inconsistencies, and high risk are truly staggering.

RSA Access Manager provides a centralized security management infrastructure to protect a business' online assets. This centralized infrastructure across all web resources makes it difficult for anonymous intruders to gain entry and commit illicit acts. Additionally, auditing and reporting capabilities provide accountability and thus discourage insiders from abusing the resources they are permitted to access.

Multiple Access Levels

Organizations often give end-users a single level of access to a resource without considering their assigned roles and responsibilities. Frequently this is done because mechanisms are not present for finer-grained access control. The result is a lack of ability to control what an end-user can do once within an application. RSA Access Manager provides coarse-, medium-, and fine-grained access control to resources and applications based on business rules and user roles.

An organization can therefore both protect access to web-based applications and control what users do after they access those applications. This can be thought of as controlling front door and inside door access. User privileges can be flexibly defined based on multiple criteria, such as the individual's identity or group relationship to the organization (i.e., employee, customer, or partner) or user attributes such as an individual's account balance, job title, division, or geographical location.

Graded Security Levels

Traditionally, organizations haven't adequately protected their critical web resources, often allowing end-users to use merely a username and password to access web applications. RSA Access Manager manages risk by supporting different and stronger authentication methods such as tokens or digital certificates to provide graded levels of security for sensitive web resource protection.

Authorization and Transactional Smart Rules

Smart Rules allow for a more intuitive and flexible way to define authorization rules. Smart Rules allow enterprises to apply authorization rules directly to resources based on dynamic user properties. In this way, an authorization rule may grant or deny access based on the real-time value of a user attribute.

Example of Authorization Smart Rules

For example, Joe Smith, a Product Manager, is given access to the Product Launch Workgroup web portal based on his role, but isn't given access to the portal that only company executives are authorized to use. In this way, Smart Rules apply authorization rules based on dynamic end-user roles or properties. Having a dynamic and real-time way to grant or deny access to sensitive resources allows an organization to manage risk.

Example of Transactional Smart Rules

RSA Access Manager also has transactional Smart Rules capability which allows end-users access to applications based on certain facets of their information stored in third-party data sources. For example, Joe Smith may be granted access to certain web applications only if his bank account balance exceeds a certain amount. While Joe Smith's user identity information might be stored in one repository, RSA Access Manager has the ability to look into data stored elsewhere to make the dynamic connections necessary to gauge whether or not to grant him access to certain web resources.
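The two Smart Rule examples above, combined with graded authentication, can be sketched as a small policy evaluator. This is an added illustration, not RSA Access Manager's rule syntax or API. Assumptions: the resource paths, the balance threshold, the numeric authentication levels, and every function name are hypothetical, and the sample data is constructed.

```python
from dataclasses import dataclass
from typing import Callable

# Constructed sample data: identity attributes live in one repository...
DIRECTORY = {"jsmith": {"name": "Joe Smith", "role": "Product Manager"}}
# ...while transactional data lives in a separate, third-party source.
ACCOUNTS = {"jsmith": {"balance": 12_500.00}}

# Graded authentication levels (assumed values; password is the weakest).
AUTH_LEVEL = {"password": 1, "token": 2, "certificate": 2}

@dataclass
class Rule:
    resource: str                   # hypothetical resource path
    min_auth: int                   # weakest authentication level accepted
    check: Callable[[dict], bool]   # evaluated against real-time attributes

RULES = [
    # Authorization rules keyed on the user's role.
    Rule("/portal/product-launch", 1, lambda a: a["role"] == "Product Manager"),
    Rule("/portal/executive", 2, lambda a: a["role"] == "Executive"),
    # Transactional rule keyed on a value held in the second data source.
    Rule("/apps/premium-banking", 2, lambda a: a["balance"] > 10_000),
]

def authorize(user_id, resource, auth_method, accounts=ACCOUNTS):
    """Return 'ALLOW', 'DENY' or 'STEP_UP' for a single access request."""
    rule = next((r for r in RULES if r.resource == resource), None)
    if rule is None:
        return "DENY"       # default deny: unprotected paths are not implied open
    if AUTH_LEVEL.get(auth_method, 0) < rule.min_auth:
        return "STEP_UP"    # sensitive resource needs a stronger method
    try:
        # Attributes are read at decision time, so a changed role or balance
        # takes effect on the next request rather than at next login.
        attrs = {**DIRECTORY[user_id], **accounts.get(user_id, {})}
        allowed = rule.check(attrs)
    except KeyError:
        return "DENY"       # fail closed when a needed attribute is missing
    return "ALLOW" if allowed else "DENY"

if __name__ == "__main__":
    for res, method in [("/portal/product-launch", "password"),
                        ("/portal/executive", "token"),
                        ("/apps/premium-banking", "password"),
                        ("/apps/premium-banking", "token")]:
        print(res, method, authorize("jsmith", res, method))
```

The `except KeyError` branch is the case to watch in any attribute-driven policy: if the external data source has no record for the user, the request is denied instead of falling through to an allow.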

Delegated Administration

In many organizations, only a single administrator controls access functions for a system. This sometimes causes bottlenecks and reduces productivity due to the administrator's limited ability to keep up with all incoming requests for access to key resources. Rather than relying heavily on one administrator, the RSA Access Manager solution supports delegated administration.

Using RSA Access Manager's delegated administration capabilities, departments, business partners, and customers can be grouped into logical administrative units, called Virtual Business Units (VBUs). This allows companies to distribute user and access policy management responsibilities to individuals best suited to administer their group of users. This greatly improves administrative response.

This means that the organization's super user or master administrator can enable a department's admin to take on some of the administrative capabilities for that department (such as delegating administration of users and authorization policies). Not only is some of the pressure taken off the main administrator, but end-users are more empowered and overall productivity goes up.