RSA SecurID - Still has it's place

Overall Satisfaction with RSA SecurID

RSA is being used to add MFA to almost all resources. RSA SecurID provides a good agent which can be deployed to servers (Windows and Linux), workstations, and through RADIUS to just about any end system. The primary use case is to use token and time-based authentication for user-based access to support defense-in-depth. While RSA SecurID has its flaws when combined with other tools, it can help lower the chances for user-based compromise to assets - limiting the risk does not eliminate.
  • Token/time-based authentication
  • Standard admin console which is user friendly
  • Hard tokens
  • Secure-ID only provides token - additional tools are required for password
  • RADIUS encryption configuration is lacking
  • Support is difficult to obtain
  • MFA for User-Based Access helps to better trust users
  • RSA SecureID hard tokens (while cost) is great for higher security systems
  • RSA SecureID does not integrate well with systems that connect through RADIUS
RSA is good for agent-based and RADIUS integration but the move is toward better integration with web-based (API/TLS) integration. RSA has a new product to support this integration but RSA SecureID does not offer this and is antiquated technology but still has it's placed in an enterprise environment where additional integration isn't required.
RSA SecurID is great where an agent can be used or for systems that support tiered authentication configuration (LDAP and RSA). For systems that need an authentication mechanism to support Password and Token, RSA SecurID is not right for you.