Understanding RSA Security Practices and Controls

This white paper provides a comprehensive review of RSA security practices, operations, and controls, focusing on the ID Plus offering. It outlines the commitment of RSA to security, emphasizing the importance of trust and robust security measures in their products and processes. The document details the general security principles followed by RSA, including the establishment of a dedicated security risk officer and team responsible for maintaining security protocols. It describes the various security measures implemented, such as multi-factor authentication and zero-trust principles. Furthermore, the paper discusses the infrastructure supporting RSA's services, including cloud, hybrid, and on-premises deployment models. It highlights the Cloud Authentication Service and the Identity Router, detailing their roles in ensuring secure communication and data management. Additionally, the paper addresses physical access controls, data security, and encryption practices that safeguard sensitive information. Overall, the document serves as a detailed guide to understanding RSA's security framework and operational integrity.