RSA SecurID - Still has it's place
Overall Satisfaction with RSA SecurID
RSA is being used to add MFA to almost all resources. RSA SecurID provides a good agent which can be deployed to servers (Windows and Linux), workstations, and through RADIUS to just about any end system. The primary use case is to use token and time-based authentication for user-based access to support defense-in-depth. While RSA SecurID has its flaws when combined with other tools, it can help lower the chances for user-based compromise to assets - limiting the risk does not eliminate.
Pros
- Token/time-based authentication
- Standard admin console which is user friendly
- Hard tokens
Cons
- Secure-ID only provides token - additional tools are required for password
- RADIUS encryption configuration is lacking
- Support is difficult to obtain
- MFA for User-Based Access helps to better trust users
- RSA SecureID hard tokens (while cost) is great for higher security systems
- RSA SecureID does not integrate well with systems that connect through RADIUS
- Okta and Duo Security
RSA is good for agent-based and RADIUS integration but the move is toward better integration with web-based (API/TLS) integration. RSA has a new product to support this integration but RSA SecureID does not offer this and is antiquated technology but still has it's placed in an enterprise environment where additional integration isn't required.
Comments
Please log in to join the conversation