RSA ID Plus: Securing the Future for Employees and Customers of a Major APAC Bank

Identity for financial services

Customer challenges

Navigating complexities of on-premises procurement processes
Scaling efficiently to serve a large, diverse user base
Addressing authentication needs of both internal users and banking customers
Staying prepared to combat evolving cyber threats, especially phishing
Meeting regional regulatory requirements for cybersecurity

Table des matières

Authentication and compliance

Financial services industries face unique challenges. As part of the world’s critical infrastructure, they’re subject to regulatory measures intended to keep them secure and operational. They’re also subject to frequent cyberattacks and must constantly adapt their security posture to stay ahead of adversaries. RSA has helped financial institutions, banks, brokerage firms, insurers, and mortgage companies in their quest to bolster cyber defenses and achieve compliance—including one of the largest banks in Australia and New Zealand. The bank reached an important milestone in meeting its cybersecurity and compliance goals by adopting RSA® ID Plus, the complete, secure identity and access management (IAM) solution that protects all users across cloud, hybrid, and on-premises settings.translated

RSA: Delivering secure authentication for 50,000+ internal users and bank customers

With the adoption of ID Plus, the bank now has a large-scale, cloud-based environment from which to deliver access, authentication, and other identity-related cybersecurity capabilities to its 20,000 internal users (including 5,000+ privileged users) and 30,000 high-net-worth business-banking customers, all of whom have long relied on RSA solutions for secure authentication. With ID Plus, both internal and external users will continue to be able to authenticate with confidence using RSA technology; the difference is that authentication happens in a unified cloud environment rather than with a less flexible and more costly on-premises deployment.

ID Plus: More efficiency and adaptability in securing employee and customer identities

The bank’s move to ID Plus and cloud IAM was prompted by its strategy to be the most secure financial institution for its customers, improve its operational efficiency, streamline authentication, and reduce costs. They had previously been relying on a variety of on-premises capabilities that required multiple orders and billing cycles to manage, which was inefficient, time-consuming, and costly. The bank needed a way to streamline management without compromising security or the user experience. By providing the cloud IAM capabilities the bank needed, RSA enabled the organization to meet its goals of increasing efficiency, managing costs, and maintaining the effectiveness of its previous on-premises deployment. ID Plus provided the bank with everything it needed for cloud access management, authentication, and other capabilities in one solution with a single contract for authenticators and other resources. At the same time, this new approach made it possible to leave behind the capital expenditures associated with an on-premises-only deployment.translated

Finally, adopting ID Plus enabled the bank to move IAM to the cloud at their own pace. The bank continued to deploy some IAM capabilities on-premises while transitioning user groups to the cloud to ensure that its processes would not be interrupted.

A single, flexible platform for everything identity-related—now and far into the future

With cyber threats constantly evolving and growing, the bank must be able to quickly and easily expand its capabilities to repel new threats as they emerge.

As part of the RSA Unified Identity Platform, ID Plus makes it easy to roll out additional IAM capabilities as needed. For example, FIDO2-certified mobile passkeys and the RSA iShield Key 2 series hardware authenticators can be added to enable users to log in to resources using phishing-resistant authentication.

RSA solution

ID Plus cloud-based IAM environment
Ease of adding mobile security-specific capabilities
Broad range of software and hardware authenticator options
Phishing-resistant authentication that supports regulatory compliance

Compliance with key regulatory requirements in the region

Through secure multi-factor authentication and other capabilities, ID Plus not only supports the bank’s commitment to securing operations and transactions, but also helps ensure its compliance with Australia’s Essential Eight cybersecurity framework and with regulations issued by the Australian Prudential Regulation Authority (APRA). Essential Eight controls help mitigate phishing risks by preventing credential theft, limiting unauthorized access, and reducing the success rate for phishing-based attacks. Similarly, APRA guidelines and requirements emphasize the importance of a variety of robust information security measures that address phishing risks.

Striking the balance that the evolving cybersecurity landscape demands

With RSA ID Plus, the bank has the IAM capabilities needed to confidently move forward—with easy-to-manage, highly secure identity operations that provide multiple benefits to everyone from front-line employees to privileged users to the most security-sensitive customers. And as the needs of these diverse groups and the bank that serves them continue to change, RSA will continue to lead them toward a secure future.translated

Results

<ul>
<li>Streamlined procurement and lower capital costs in the cloud</li>
<li>Ability to move operations to the cloud at the bank’s preferred pace</li>
<li>Scalability to manage 50,000+ internal and external identities</li>
<li>Modern authentication that works in B2B and B2C environments</li>
<li>Phishing-resistant authentication that supports requirements of major regulatory frameworks</li><span class="”d-none”">translated</span>
</ul>
<em>Learn more about how <a href="”/financial-services/”">RSA secures financial services</a>, or <a href="”/contact/id-plus-free-trial/”">start your ID Plus trial today</a>.</em>