RSA Security Expands Regulatory Compliance Capabilities of RSA ClearTrust Software

Search Blogs that Mention this News Release
Click this link to view linked Bookmarking Services
Click this link to view linked Blogging Services
RSA Security Expands Regulatory Compliance Capabilities of RSA ClearTrust Software
    RSA(R) Reporting & Compliance Manager Enhances Auditing and Reporting
         Capabilities for RSA Security Web Access Management Solution

    BEDFORD, Mass., May 11 /PRNewswire-FirstCall/ -- RSA Security Inc.
(Nasdaq: RSAS) today announced RSA(R) Reporting & Compliance Manager, which
provides centralized reporting capabilities to help customers using RSA
ClearTrust(R) web access management software more easily comply with the
information security requirements associated with regulations such as
Sarbanes-Oxley, HIPAA, and others.  RSA Reporting & Compliance Manager
leverages the logging capabilities of RSA ClearTrust software to provide
auditing and reporting benefits that enable organizations to report on both
past and present access policies, as well as user behavior.  RSA Reporting &
Compliance Manager expands the suite of solutions and product features RSA
Security offers to help businesses effectively leverage best practices for
meeting regulatory requirements.
    Regulations such as Sarbanes-Oxley and HIPAA ultimately require
organizations to do what is "reasonable" -- in other words, implement best
practices.  In this regard, organizations need better logging and reporting
capabilities for investigating security incidents and for providing
administrators and auditors with evidence of policy conformance or regulatory
compliance.
    With its built-in and customizable reports, RSA Reporting & Compliance
Manager will provide visibility into the accuracy of user access rights and
the activities of employees, customers, and partners on corporate systems
protected by RSA Security products.  For example, RSA Reporting & Compliance
Manager interprets log events generated by RSA ClearTrust software and
provides consolidated, easy to customize, and exportable reports that can help
administrators easily answer complex "who, when, how, and why" audit questions
about user access and authorization.  In addition, administrators can easily
create new reports.  Built-in reports include:

    * Policy reports showing who has access to what information and
      applications
    * Policy change reports showing how an access policy changed over time,
      including which administrators made the policy changes
    * Activity reports showing who accessed what and when
    * Intrusion reports showing unsuccessful attempts to gain access

    "Many regulations share common, fundamental requirements to verify access
controls and monitor user activity.  Organizations are now expected to prove
that only authorized users have been granted access to protected information,
that access rights are being update in a timely manner, and that the
organization has enforced proper separation of duties,"  said Chris
Christiansen, Program Vice President, IDC's Security Products and
Infrastructure Overview services.  "Effective and accurate logging and
reporting on user access on a real-time basis will be a cornerstone of an
effective compliance program."
    "With organizations facing a myriad of regulatory requirements, one major
challenge is implementing reliable and easy to use logging and reporting
capabilities that make sense of all the system level logs generated by an
identity and access management infrastructure," said John Worrall, vice
president of worldwide marketing at RSA Security.  "We developed RSA Reporting
& Compliance Manager to help address this challenge and to ensure that
customers can continue to open up their systems to more users and do more
business online, without compromising on security or creating auditing
nightmares."
    RSA Reporting & Compliance Manager will be available in June 2005.  More
information regarding RSA Reporting & Compliance Manager is available at
http://www.rsasecurity.com/products/compliancemanager.

    About RSA Security Inc.
    RSA Security Inc. helps organizations confidently protect identities and
information access.  The company secures more than 15 million user identities,
safeguards trillions of business transactions annually, and manages the
confidentiality of data in tens of thousands of applications worldwide.  RSA
Security's portfolio of award-winning solutions -- including identity & access
management, secure mobile & remote access, secure enterprise access, secure
transactions and consumer identity protection -- sets the standard in the
industry.  Our strong reputation is built on a 20-year history of ingenuity,
leadership and proven technologies, and our more than 17,000 customers around
the globe.  Together with more than 1,000 technology and integration partners,
RSA Security inspires confidence in everyone to experience the power and
promise of the Internet.  For more information, please visit
http://www.rsasecurity.com
    RSA, RSA Security and ClearTrust are either registered trademarks or
trademarks of RSA Security Inc. in the United States and/or other countries.
All other products and services mentioned are trademarks of their respective
companies.

    For more information:
     Courtney Hohne                     Dave Howell
     OutCast Communications             RSA Security Inc.
     (415) 392-8282                     (781) 515-6303
     rsa@outcastpr.com                  dhowell@rsasecurity.com
SOURCE RSA Security Inc.
http://www.rsasecurity.com
CONTACT:
Courtney Hohne of OutCast Communications,
+1-415-392-8282, rsa@outcastpr.com; or Dave Howell of RSA
Security Inc., +1-781-515-6303, dhowell@rsasecurity.com