Rsa® Conference – San Francisco, February 28, 2012
RSA, The Security Division of EMC (NYSE:EMC) and Zscaler today announced they are jointly developing a cloud-based solution to assert continuous trust in identities accessing any web application or cloud service. The solution is designed to help enable organizations to apply policy and control to identities even outside corporate networks, and simplify the challenge of managing user credentials associated with multiple cloud applications and web services. The integration of risk-based authentication and identity federation from RSA’s Cloud Trust Authority and RSA® Adaptive Authentication solutions along with the inline web security capabilities of Zscaler’s Cloud Security service would enable a ubiquitous service for continuous, risk-aware identification of users accessing the Internet.
The solution will include strong user authentication, identity federation, and dynamic risk assessment based on device identification, user behavioral profiling, and vulnerability detection. The combined service being developed will be engineered to help organizations mitigate the risks of data theft, service abuse, and other threats that stem from insufficient authentication, stolen credentials or compromised user devices and accounts. By monitoring the behavior of authenticated users and environmental conditions, the developed service will create a dynamic risk profile that can be used by web applications to minimize the potential of access from compromised accounts, bots, and malware, while still ensuring a positive, simple user experience.
Phillip Hochmuth, IDC Analyst
“Enterprises are shifting mission-critical applications and data into the cloud, and users are becoming more mobile than ever. As a result more and more access to enterprise resources is occurring from outside corporate networks, using devices not controlled by the enterprise IT teams. Attackers know that they can often steal corporate data more easily by compromising user accounts, sessions and endpoints, rather than attacking the enterprise servers or SaaS applications directly. Zscaler and RSA are developing the industry's only solution to this growing risk by integrating dynamic, behavior–based authentication with a global web security platform that protects users and data across all applications and web destinations.”.
Art Coviello, Executive Vice President, EMC Corporation and Executive Chairman, RSA
“Tight integration between trusted authentication and web security technology delivered as a cloud service will offer much needed defense to counter increasingly sophisticated threats in mobile and cloud environments. RSA provides risk-aware authentication which, when combined with Zscaler’s Cloud Security service, will help enable continuous identity assurance and policy enforcement in the cloud.”
Jay Chaudhry, President and CEO, Zscaler
“Trust is no longer about simply identifying the user. With more devices accessing more applications and data from more locations, trust must be established and enforced dynamically. Through this development partnership with RSA, Zscaler will enhance security for our customers and the cloud services they depend upon, by continually and dynamically establishing trust.”
In addition to development of the cloud service to provide inline identity-awareness, both companies will also work together to jointly market and sell the combined solution.
RSA and Zscaler are showing a proof of concept of this capability in their booths at the RSA® Conference. RSA will also demonstrate a beta version of the RSA® Cloud Trust Authority federation service.
Mobility and Cloud Computing change not only how and where organizations access information and applications but also how to manage ensuring trusted access, policy enforcement and even governance. Ensuring and managing this trust becomes more complex as more and more IT services and sensitive information are accessed and consumed via devices, networks and applications that live entirely outside of corporate IT’s direct control.
RSA outlines five key criteria that are essential to delivering security and compliance for this remote, hyper-extended world.
RSA, The Security Division of EMC is the premier provider of security, risk and compliance management solutions for business acceleration. RSA helps the world’s leading organizations solve their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance and securing virtual and cloud environments.
Combining business-critical controls in identity assurance, encryption & key management, SIEM, Data Loss Prevention, Continuous Network Monitoring, and Fraud Protection with industry leading eGRC capabilities and robust consulting services, RSA brings visibility and trust to millions of user identities, the transactions that they perform and the data that is generated. For more information, please visit www.EMC.com/RSA.
RSA, The Security Division of EMC
RSA and EMC are either registered trademarks or trademarks of EMC Corporation in the United States and/or other countries. All other company and product names may be trademarks of their respective owners.
This release contains “forward-looking statements” as defined under the Federal Securities Laws. Actual results could differ materially from those projected in the forward-looking statements as a result of certain risk factors, including but not limited to: (i) adverse changes in general economic or market conditions; (ii) delays or reductions in information technology spending; (iii) the relative and varying rates of product price and component cost declines and the volume and mixture of product and services revenues; (iv) competitive factors, including but not limited to pricing pressures and new product introductions; (v) component and product quality and availability; (vi) fluctuations in VMware, Inc.’s operating results and risks associated with trading of VMware stock; (vii) the transition to new products, the uncertainty of customer acceptance of new product offerings and rapid technological and market change; (viii) risks associated with managing the growth of our business, including risks associated with acquisitions and investments and the challenges and costs of integration, restructuring and achieving anticipated synergies; (ix) the ability to attract and retain highly qualified employees; (x) insufficient, excess or obsolete inventory; (xi) fluctuating currency exchange rates; (xii) threats and other disruptions to our secure data centers or networks; (xiii) our ability to protect our proprietary technology; (xiv) war or acts of terrorism; and (xv) other one-time events and other important factors disclosed previously and from time to time in the filings of EMC Corporation, the parent company of RSA, with the U.S. Securities and Exchange Commission. EMC and RSA disclaim any obligation to update any such forward-looking statements after the date of this release.
Zscaler enables the world’s leading organizations to securely transform their networks and applications for a mobile and cloud-first world. Its flagship services, Zscaler Internet Access and Zscaler Private Access, create fast, secure connections between users and applications, regardless of device, location, or network. Zscaler services are 100% cloud delivered and offer the simplicity, enhanced security, and improved user experience that traditional appliances or hybrid solutions are unable to match. Used in more than 185 countries, Zscaler operates a massive, global cloud security platform that protects thousands of enterprises and government agencies from cyberattacks and data loss. Learn more at zscaler.com or follow us on Twitter @zscaler.
Zscaler ™, SHIFT™, ZIA™, ZPA™, Direct-to-cloud™ and The internet is the New Corporate Network™ are trademarks or registered trademarks of Zscaler, Inc. in the United States and/or other countries. All other trademarks are the property of their respective owners.
Whitney Glockner Black
Director of Communications