New releases of CA Strong Authentication and CA Risk Authentication add capabilities to increase identity assurance and enhance risk assessments for mobile use while reducing the risk of transaction fraud. CA Data Protection extends data protection and control capabilities in various mobile and cloud use scenarios.
In addition, a new release of CA Privileged Identity Manager offers improved scalability and expanded integration with CA Session Recording for streamlined management of security rules and users. Also, the latest release of CA Single Sign-On includes single sign-on (SSO) and social networking enhancements, and improved support for the Japanese market
“The computing landscape continues to evolve rapidly, with organizations increasingly relying on mobile devices and cloud-based technologies to conduct everyday business,” said Mike Denning, senior vice president and general manager, Security business at CA Technologies. “Today we are announcing numerous updates across our IAM portfolio that give organizations the control, protection and flexibility they need to safeguard expanding business perimeters with minimal impact on end users.”
CA Advanced Authentication provides strong, risk-based multi-factor authentication methods to help businesses protect identities, avoid security breaches and prevent fraud. New CA Advanced Authentication release capabilities include:
• Secure Transaction Signing. Reduces the risk of fraud in online transactions by leveraging the mobile device to verify details, such as transaction amount or payee, as part of an out-of-band authentication process.
• Credential Locking. CA ArcotID® software credentials now automatically lock themselves to the device they are deployed to. This helps protect against the reuse of a stolen credential from another device.
• Enhanced Credential Persistence. CA ArcotID credentials can now be stored in a local, persistent format to prevent the inadvertent clearing of the credential. This format improves security and the user experience while reducing IT administrative burdens.
• Mobile Device Detection. Improves security by incorporating additional device information into risk assessments and enabling security policies that allow access based on the device or device operating system.
• Multi-Account and Multi-Channel Support. Drives consistent security policy application across channels for easier administration and a better user experience. Enables aggregation of multiple accounts to one identity.
• Enhanced Rule Builder. Simplifies rule-building and editing from a single interface, improving risk evaluations and fraud detection performance.
Today’s announcement also includes data protection enhancements which extend mobility and cloud data protection with particular focus on popular endpoint agents.
CA DataMinder enhancements include:
• Data Security Support for Mobile & Cloud Services. Enables secure file collaboration through the use of intelligent data-centric security for secure file synchronization and sharing vendors such as Dropbox, SkyDrive, Box and Google Drive.
• Mobile Data Protection. Enables secure and compliant email collaboration with the integration of email classification with Voltage SecureMail and other encryption technologies. Organizations can now inspect encrypted messages against corporate policies for improved compliance.
• New Client Network Agent. Enables capturing of web traffic regardless of installed browser, providing better protection against data leakage.
Updates to CA Technologies leading access management solutions include:
• Social Media Support. Facilitates frictionless access to CA SiteMinder-protected applications for Facebook and Google users via OAuth, allowing organizations to reach broader audiences and potential customers for their products and services.
• Cloud Application Support. Includes CA SiteMinder Federation Cloud Runbook Library which provides a centralized location for best practices and step-by-step instructions on how to configure CA SiteMinder Federation with various enterprise cloud applications.
• More Flexible SSO. New web service interfaces in CA SiteMinder mean more applications – from standard web applications to devices such as vending machines or other non-IT equipment – can use simple RESTFUL calls to CA SiteMinder for access management. As a result, CA SiteMinder offers comprehensive and flexible deployment options for SSO based on gateways, open federation standards, Web Service APIs, application agents, or agent-less methods. This provides increased flexibility and helps enable rapid time to deployment for business-critical applications while driving down the cost of ownership for a scalable enterprise-ready solution.
• Expanded Integration with CA Session Recording. CA Session Recording advanced search functionality is now available directly from within the CA ControlMinder management server. This allows administrators to search for specific privileged user actions and configure access rules from a single console, streamlining and speeding the user experience.
• New RESTful APIs to Enable Integration with Third-party Workflows. CA ControlMinder now offers exposed REST APIs for shared account enumeration, password requests, and management approvals to enable integration with third-party workflow tools.
• Integration with Authentication Solutions. CA ControlMinder now directly integrates with CA AuthMinder, NTLM and smartcard systems for authentication into the CA ControlMinder console to further secure access to administrative functions and improve overall security for highly privileged and sensitive activities.
Users can learn more about the new CA SiteMinder release by participating in an educational webcast taking place April 17 at 1 PM ET.
CA Technologies also recently announced it had again been positioned by Gartner, Inc. in the Leaders quadrant of the Magic Quadrant for User Authentication* the Magic Quadrant for Identity and Access Governance**; the Magic Quadrant for User Administration and Provisioning***; and the Magic Quadrant for Content-Aware Data Loss Prevention****.
* Gartner, Inc., “Magic Quadrant for User Authentication,” Ant Allan, March 7, 2013.
** Gartner, Inc., “Magic Quadrant for Identity and Access Governance,” Earl Perkins, December 17, 2012.
*** Gartner, Inc., “Magic Quadrant for User Administration and Provisioning,” Earl Perkins, December 27, 2012.
**** Gartner, Inc., “Magic Quadrant for Content-Aware Data Loss Prevention,” Eric Ouellet, January 3, 2013.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.