Organizations can now use their SecurID two-factor authentication deployments to secure cloud applications running on Microsoft Windows Active Directory Federation Services (ADFS), RSA Security said.
Users will be able to add multi-factor authentication into Office 365 applications, including Microsoft Exchange and Microsoft Azure, and still use Active Directory roles to control authentication for both on-premise applications and cloud systems, EMC-subsidiary RSA Security said Nov. 7.
ADFS allows customers to use their Active Directory roles in the cloud to achieve single sign capabilities for corporate networks and the cloud. The fact that ADFS now supports two-factor authentication out of the box adds another level of centralized authentication and authorization to the environment, according to RSA Security.
RSA’s SecurID token generates a one-time-password every 30 seconds to two minutes. On systems that have SecurID enabled, users have to first enter their username and password, and then the generated one-time-password to gain access. This integration would allow Azure developers to build applications that use SecurID to handle authentication.
Organizations can use the hardware token that’s already deployed in the enterprise, Karen Kiffney, a senior product marketing manager at RSA, told eWEEK.
This isn’t the first time RSA partnered up with Microsoft. The two companies have teamed up in the past to protect data loss prevention tools and data classification service.
RSA is trying to convince customers to stick with SecurID even after the data breach that damaged two-factor authentication technology’s reputation earlier this year. Unknown attackers managed to breach RSA’s corporate networks using a combination of malware, zero-day vulnerabilities and social engineering to steal information related to SecurID. There are over 40 million people in at least 30,000 organizations worldwise using the technology.
As a result of the attack on RSA, IT security professionals were considering moving away from hardware-based two-factor authentication tokens such as SecurID toward risk-based authentication and software-based tokens, Andras Cser, a principal analyst with Forrester Research wrote in a research note.
The fact that Microsoft chose RSA to protect its cloud environment with SecurID was validation that the company has moved beyond the incident, a RSA spokesperson said. The company has offered to replace tokens, made some changes to its manufacturing process, and the breach was a “one time event,” Kiffney said.
Customers are more curious about what RSA learned as a result of the breach, and what tactics they should be using, Phil Aldrich, RSA’s senior product marketing manager, told eWEEK. “Customers see that we detected and stopped the attack as it was happening and want to know how to do that,” Aldrich said.
The integration is available for no extra fee for all SecurID users and there’s no additional work needed to get this to work. “It just will work out of the box,” Kiffney said. If the customer is already a SecurID customer, then they know it’s going to work with everything, regardless of whether it’s in the cloud in Azure, or on-premise.
RSA made a similar announcement for Citrix Receiver. Organizations were using Citrix Receiver in a virtual application delivery environment and protecting the session with usernames and passwords. Citrix Receiver can be used with Windows, Mac and Linux desktops and laptops, think clients, and mobile devices running Apple iOS, Google Android, or Research in Motion phones, according to RSA.
In the past, organizations who wanted to use SecurID on Citrix Receiver would have to switch to the software token app on the mobile device to obtain the one-time password. Now the software is part of a software developer kit (SDK) that allows the application that called the software token to obtain the passcode in the background automatically.
This capability is available in Citrix Receiver, Juniper JUNOS Pulse and VMware View, RSA said. In order to prevent Citrix session hijacking, the authentication technology is now built into the receiver.
“Hackers have to jump through much bigger hoops to abuse an identity and get to data since that data doesn’t exist by default on the device itself,” Sam Curry, CTO of RSA Security, wrote on the blog.

AI success depends on whether enterprise data is ready, reachable, and close enough to the workloads that need it. In this eSpeaks episode, Dell Technologies’ Vrashank Jain explains why fragmented data, weak metadata, slow pipelines, and poor data locality can stall AI projects before models ever reach production.

In this episode of eSpeaks, Jennifer Margles, Director of Product Management at BMC Software, discusses the transition from traditional job scheduling to the era of the autonomous enterprise.

eSpeaks’ Corey Noles talks with Rob Israch, President of Tipalti, about what it means to lead with Global-First Finance and how companies can build scalable, compliant operations in an increasingly uncertain world. They explore how automation, AI, and integrated platforms are helping finance teams tackle today’s biggest challenges, from cross-border compliance and FX volatility to […]
-
Latest News - Resources Resource HubsFeatured ResourcesLink to The Real AI Power Play: Who Controls Your Enterprise Data Layer?
The Real AI Power Play: Who Controls Your Enterprise Data Layer?IT and data teams were promised that AI would make work easier. Instead, it's created new layers of complexity.Link to Building the Backbone of Agentic AI with Trusted, Context-Rich Data
Building the Backbone of Agentic AI with Trusted, Context-Rich DataIn this 10-minute take video, Reltio Principal Solutions Consultant Guy Vorster explains how organizations can overcome fragmented data challenges to power AI agents.Link to IHG scales real-time, trusted data across global brands
IHG scales real-time, trusted data across global brandsAccelerating time to value while powering data-driven engagementLink to Dell’s Vrashank Jain on Enterprise AI Data Readiness and AI Data Platform Infrastructure
Dell’s Vrashank Jain on Enterprise AI Data Readiness and AI Data Platform InfrastructureAI success depends on whether enterprise data is ready, reachable, and close enough to the workloads that need it. In this eSpeaks episode, Dell Technologies’ Vrashank Jain explains why fragmented data, weak metadata, slow pipelines, and poor data locality can stall AI projects before models ever reach production.
Link to BMC’s Jennifer Margules on Intelligent Enterprise Orchestration
BMC’s Jennifer Margules on Intelligent Enterprise OrchestrationIn this episode of eSpeaks, Jennifer Margles, Director of Product Management at BMC Software, discusses the transition from traditional job scheduling to the era of the autonomous enterprise.
Link to Global-First Finance: Building Scalable, Compliant Operations in an Uncertain World
Global-First Finance: Building Scalable, Compliant Operations in an Uncertain WorldeSpeaks’ Corey Noles talks with Rob Israch, President of Tipalti, about what it means to lead with Global-First Finance and how companies can build scalable, compliant operations in an increasingly uncertain world. They explore how automation, AI, and integrated platforms are helping finance teams tackle today’s biggest challenges, from cross-border compliance and FX volatility to […]
-
Artificial Intelligence -
Video -
Big Data & Analytics -
Cloud -
Networking - Cybersecurity Cybersecurity
- Applications Applications
- IT Management IT Management
- Storage Storage
- Mobile Mobile
- Small Business Small Business
- Development Development
- Database Database
- Servers Servers
- Android Android
- Apple Apple
- Innovation Innovation
- PC Hardware PC Hardware
- Reviews Reviews
- Search Engines Search Engines
- Virtualization Virtualization
-
- Blogs Blogs
- Events Events