RSA SecurID SID800 Authenticator Token

Securing Your Future with Two-Factor Authentication

Do you really know who's accessing your most sensitive networked information assets? Unfortunately, security built on static, reusable passwords has proven easy for hackers to beat.

RSA SecurID® two-factor authentication is based on something you know (a password or PIN) and something you have (an authenticator)—providing a much more reliable level of user authentication than reusable passwords.

• The only solution that automatically changes your password every 60 seconds
• 20-year history of outstanding performance and innovation

RSA offers enterprises a wide range of user authentication options to help positively identify users before they interact with mission-critical data and applications through:

• VPNs & WLANs
• E-mail
• Intranets & extranets
• Microsoft® Windows® desktops
• Web servers
• Other network resources

RSA SecurID® At a Glance:

• One of the most widely used authenticator solutions
• Easy-to-use, “zero footprint” options
• Secures internal and remote network access
• Available in hardware and software token form factors
• Interoperable with most leading remote access servers, VPNs, firewalls and web servers
• Transaction-signing capabilities for sensitive financial transactions

RSA SecurID® hardware tokens provide "hacker-resistant" two-factor authentication, resulting in easy-to-use and effective user identification. Based on RSA’s patented time synchronization technology, this authentication device generates a simple, one-time authentication code that changes every 60 seconds.

To access resources protected by the RSA SecurID system, users simply combine their secret Personal Identification Numbers (PIN’s) (something they alone know) with the token codes generated by their authenticators (something they have). The result is a unique, one-time-use passcode that is used to positively identify, or authenticate, the user. If the code is validated by the RSA SecurID system, the user is granted access to the protected resource. If it is not recognized, the user is denied access.

With RSA SecurID hardware authenticators, no interaction with the user desktop is required—that is, you don't have to install or maintain any software. Equally important, you are not required to program tokens. They are ready to use out of the box. In addition, RSA SecurID hardware authenticators are manufactured and sealed with an integral lifetime battery. No user maintenance or battery replacement is required. As a result, this authentication solution is as easy to deploy and administer as it is to use.

Features:

RSA SecurID Hardware Authenticators: An easy-to-use, convenient, self-contained method for effective user identification. Choose from two security token styles—key fob or card—to meet an array of user applications including two-factor authentication, hard-disk encryption, and transaction and email signing

	Quality Authenticators Benefit from one of the industry's highest-quality authenticator-manufacturing processes, which means fewer token failures in the field.
	Multi-Use Tokens Enable users with multiple uses for their authenticators, such as two-factor authentication along with hard-disk encryption, email signing, and more.
	Customizable Brand your organization and demonstrate your commitment to security with custom artwork on your RSA security tokens.
	Warranted Rely on a warranty that covers each RSA Authenticator security token for the entire life of the device.
	Time-Synchronous Benefit from an approach that combines time, an algorithm, and a unique identifier to strengthen overall cryptographic value.

Why choose RSA SecurID?

The Top Six Reasons RSA SecurID is the Gold Standard in Two-Factor User Authentication

It all boils down to excellence in each of the categories listed below. These are the reasons why RSA SecurID is the authentication choice of over 25,000 customers worldwide.

1. Strength of Security

The Strongest and Easiest to Use One Time Password Security Solution

To protect your organization’s most critical information assets, you need a security system that is second to none.

RSA SecurID authentication offers a unique, time-synchronous solution that automatically changes the user’s password every 60 seconds. This makes our solution more secure than event-synchronous systems with passwords that can be valid for an indefinite period of time and easier to use than challenge-response systems that require multiple steps to generate a valid code.

What’s more, RSA SecurID authentication is built upon the Advanced Encryption Standard (AES) algorithm, a recognized standard that is continuously scrutinized and challenged by cryptologists around the world to ensure its strength and dependability.

RSA, with its research arm RSA Laboratories, is recognized as a leading firm in the field of cryptography. We continue to evolve our solutions to meet emerging threats. By investing in RSA SecurID authentication you’re getting a proven and tested solution that will meet your needs for years down the road.

2. Integration

Interoperability with Your Infrastructure

Built-in integration with more than 200 leading vendors of firewalls, remote access servers and wireless access points means fewer headaches for you.

We want to be sure that your integration process will be as trouble-free as possible and so RSA Security has invested in a broad program to ensure that our products interoperate with most of the major network infrastructure products on the market.

To earn the RSA Secured® seal of approval vendors undergo a rigorous vetting process. Solutions are documented through in-depth Implementation Guides.

With the strong support of the RSA Secured program you can be sure that RSA SecurID authentication can protect your enterprise data no matter what else changes in your environment.

3. Broad Application in the Enterprise

Do More With What You Have

Most people purchase RSA SecurID authentication to protect their remote access systems. But with this solution, that’s just the beginning.

When you invest in RSA SecurID, for no additional cost you can add strong, two-factor authentication to your wireless LAN, dramatically reducing the risk of parking lot hackers accessing your most critical systems.

After that you could add two-factor authentication to:

• Your Board of Directors collaboration web site
• Your Cisco and Citrix environments
• Your enterprise single sign-on solution
• And more

All of this functionality comes with no additional expense, offering you maximum flexibility and investment protection as you increase the ROI of your RSA SecurID installation.

4. Flexible, Powerful Offerings

Don’t Get Locked Into a Single Authentication Method or Server Configuration

Maximize your return on investment by ensuring that your security system will evolve with your business needs.

Though RSA is most well-known for our hardware tokens, we offer a broad array of authenticators to suit any situation:

RSA also offers a wide range of server offerings:

5. Scalability & Quality

Designed to be a Mission Critical Application

RSA invests heavily in our testing labs to ensure that our solution meets your demanding requirements. Our tokens are better, and we have the numbers to prove it.

With a mission-critical application, downtime can mean missed opportunities and lost revenue. That’s why redundancy, automated fail-over, support for high-availability servers and cross realm authentication are all available features on the RSA SecurID Authentication Manager.

Token quality is also extremely important to us. Every RSA SecurID token is sealed to protect it from the elements and to prevent tampering. RSA SecurID hardware tokens are subjected to rigorous tests to ensure that you never get hit with hidden costs due to token failures.

Tests include:

• Temperature cycling: Includes a -20°C to 70°C for 25 cycles with each cycle taking 2 hours and 1.5 hours for ramp time.
• High humidity: Includes 95% humidity with 35°C for 96 hours, followed by a gradual decrease to 23°C and 50% humidity.
• Random vibration: Includes an acceleration of 15 Grms with a frequency of 10-2000 Hz with duration of one hour per each of three axis (X, Y, &Z).
• Mechanical shock: Includes a shock of 3500 g’s with a pulse time of 0.5ms on all 3 axis of the unit.
• ESD: The minimum engineering requirement is 15Kv (pos and neg). Tumble testing: Tumbling takes place in a hexagonal tumbling drum. Tumble at 20 RPMs for 60 minutes.
• Run-over check: An automobile will drive over the fobs with a single rear tire.
• Immersion check: This will check the ability of the RSA SecurID tokens to withstand immersion in water.

We stand behind our reputation for quality with a warrantee on every token for its lifespan.

6. Support & Innovation

Strong Support Both Now and Down the Road

When you purchase RSA SecurID authentication you’re buying into one of the leading technical support organizations in the world. RSA’s worldwide "follow the sun" support organization is recognized as best in class by our customers and partners.

Because you never know when you’ll need a helpful hand at two o’clock in the morning, RSA offers telephone, email and online support in multiple languages and time zones. Beyond our technical support, we have a robust Professional Services team ready to help with any special requirements for your organization.

RSA has also invested in your success by ensuring that our RSA SecurWorld Partners are up-to-date on the latest advances in enterprise authentication. RSA Certified Security Professionals have the knowledge, skills, and credentials necessary to deploy and maintain reliable enterprise security systems.

And because we understand that security threats are constantly evolving, RSA has invested heavily in our own Research and Development organization: RSA Laboratories. So we are on the lookout for potential security pitfalls before they have a chance to impact your bottom line.

Components:

Required Components:

• RSA SecurID hardware authenticator
• RSA Authentication Manager software
• RSA Authentication Agent software
• RSA Authenticator Utility (SID800 only - supplied with token)
• RSA SecurID Authentication Engine (SID900 only - RSA Authentication Manager and Agent software not required)

Optional Components:

• RSA Authentication Deployment Manager provisioning software for simplified deployment
• RSA SecurID® Select personalization service

Ordering Options:

• Available in 2-, 3-, 4- and 5-year versions.

Pricing and Availability:

• All RSA SecurID hardware authenticators are available through RSA sales channels

How-Tos for New RSA SecurID Users:

Care and Use of Your RSA SecurID Token

Your new RSA SecurID token is part of an RSA Security system that protects your organization’s valuable resources. Follow your system administrator’s instructions for using your assigned RSA SecurID token and getting your own Personal Identification Number (PIN). In addition, for your own protection and that of the system, always take the following precautions:

Protecting Yourself

• Never reveal your PIN to anyone. Do not write it down.
• If you think someone has learned your PIN, notify the security administrator, who will clear the PIN immediately. At your next login you will have to receive or create a new PIN to use.
• Exercise care not to lose your RSA SecurID token or allow it to be stolen. If your token is missing, tell an administrator immediately. The administrator will disable it so that it is useless to unauthorized users.
• Do not let anyone access the system under your identity. (i.e., log in with your PIN and a code from your RSA SecurID token).
• Always follow your system’s standard logoff procedures. Failure to log off properly can create a route into the system that is completely unprotected.

Protecting Your Authenticator
While your RSA SecurID token has been designed to comply with strict industry standards, it contains delicate and sophisticated instrumentation and therefore should be handled accordingly:

• Do not immerse your token in liquids, do not expose it to extreme temperatures, and do not put it under pressure or bend it.
• Do not attach or otherwise affix your token directly to devices that generate electromagnetic radiation (EMR), such as mobile phones, phone enabled PDAs and smart phones. At close range (less than 3 inches), these devices can output high levels of EMR that can interfere with the proper operation of electronic equipment, including your token. To be safe, RSA recommends that you carry and store your token separate from your EMR device.

Compare:

RSA SecurID Hardware Authenticators
	RSA SecurID 200 Authenticator	RSA SecurID 520 Authenticator	RSA SecurID 700 Authenticator	RSA SecurID 800 Hybrid Authenticator	RSA SecurID 900 Authenticator
Style	Card style	Card style	Key fob	Key fob	Card style
Available on	RSA Authentication Manager and SecurID Authentication Engine (SAE)	RSA Authentication Manager and SecurID Authentication Engine (SAE)	RSA Authentication Manager and SecurID Authentication Engine (SAE)	RSA Authentication Manager and SecurID Authentication Engine (SAE)	RSA SecurID Authentication Engine (SAE) ONLY
Artwork customization available	Yes	Yes	Yes	Yes	Yes
Number of digits displayed	6 standard; can be customized to 4 or 8	6 standard; can be customized to 4 or 8	6 standard; can be customized to 4	6 standard; can be customized to 4	6 standard; can be customized to 4
Display change time for one-time password (OTP)	60 seconds; can be customized to 30 seconds	60 seconds; can be customized to 30 seconds	60 seconds; can be customized to 30 seconds	60 seconds; can be customized to 30 seconds	60 seconds; can be customized to 30 seconds
Duration availability	24, 36, and 48 months	24, 36, and 48 months	24, 36, 48, and 60 months	24, 36, 48, and 60 months	24, 36, and 48 months
Applications	OTP	Pin entry OTP	OTP	OTP, email signing, HD/file encryption, etc.	OTP, Challenge Response

Documentation:

Download the RSA SecurID Hardware Authenticators Datasheet (PDF).