BEDFORD, Mass., June 16, 2003 — RSA Security Inc. announced that Westinghouse Electric Co. has selected RSA ClearTrust® Web access management software and RSA SecurID® two-factor authentication software to help ensure that only authorized personnel have access to sensitive and proprietary business information.
The implementation of these RSA Security technologies is part of Westinghouse’s company initiative to institute an effective identity and access management platform to enhance network security and improve the end user experience. Westinghouse is providing user single sign-on to Web-based applications, helping the company reduce costs, improve the efficiency of its network and streamline business processes.
Westinghouse is the world’s leading provider of nuclear power plant products, technologies and services to utilities, governments and industrial enterprises. Approximately one half of the world’s operating nuclear power plants are either supplied by Westinghouse or are based on its designs.
Westinghouse works with its customers through all stages of plant design, technology implementation and maintenance and depends on a complex set of applications to enable collaboration between its employees, customers and partners, and to ensure that everyone is updated regarding the status and details surrounding each project.
Recently, Westinghouse management determined the company extranet housing these applications needed to be re-architected. One key area of focus was improving the security procedures used to grant network access. This would enable Westinghouse to reduce end-user frustration and the cost and time associated with managing the numerous IDs and passwords used by its employees, customers and partners.
Under the old system, accessing varied information was very time consuming. Users often had to authenticate five or six separate times with different passwords before they were granted access to the various applications on Westinghouse’s network needed to perform their job function. This process was also costly given the amount of IT resources that were dedicated to working with users who had lost or forgotten their passwords.
With the sensitive nature of the information stored in Westinghouse’s databases, including design plans for nuclear reactors and structural and service information about nuclear power plants, the company needed a solution that would help them limit access to sensitive and proprietary business information and alleviate data access problems. According to Westinghouse’s IT security manager, Tom Moser, the company chose RSA Security’s identity and access management solutions over competing offerings for a variety of reasons.
First, the technology was a good fit with Westinghouse’s existing infrastructure — including the Plumtree portal, Sun ONE LDAP directory server, SAP and Documentum applications that were part of the overall system. Second, RSA ClearTrust software provided critical features and enhanced security functionality.
These included single sign-on, rule-based access, strong application server and LDAP support, and user management. Finally, by selecting RSA Security technology, Westinghouse ensured the longevity of its system through RSA ClearTrust software’s ability to scale to meet the needs of an ever-growing number of users and its tight integration with other technologies from RSA Security.
“Instead of granting a single customer or partner access to all networked information, we wanted to implement a technology solution that would enable us to limit user access to the information that is relevant to his or her project responsibilities,” said Moser. “By implementing a rule-based authorization process, we improve overall security and mitigate the risks associated with opening our network. In addition, by streamlining the log-on process, we can realize extensive benefits in the form of reduced costs, improved network efficiency and increased customer loyalty.”
Westinghouse is also implementing RSA SecurID two-factor authentication software in conjunction with RSA ClearTrust software to further enhance security and improve the overall process by which their networks are updated and maintained. The company is deploying RSA SecurID tokens to all network administrators and Webmasters to implement a three-level authentication process that is designed to ensure only authorized users are able to perform administrative functions and access the actual network infrastructure.
RSA SecurID software is designed to function like an ATM card for a company network, requiring users to identify themselves with two unique factors — something they know (a password or PIN), and something they have (in this case, an RSA SecurID key fob token) — before they are granted access to secure business information.
“Identity and access management technologies are critical components of any security infrastructure,” said John Worrall, vice president of worldwide marketing at RSA Security. “They help an organization establish trust in its online environment, ensure the security of its corporate data and add tangible business value to existing applications by reducing costs, improving customer service and retention, streamlining business processes and increasing employee productivity.”
Westinghouse Electric Company, wholly owned by BNFL plc of the United Kingdom, is the world’s pioneering nuclear power company and is a leading supplier of nuclear plant products and technologies to utilities throughout the world. Today, approximately one-half of the world’s operating nuclear plants are based on Westinghouse technology.
About RSA Security Inc.
With more than 11,000 customers around the globe, RSA Security provides interoperable solutions for establishing online identities, access rights and privileges for people, applications and devices. Built to work seamlessly and transparently in complex environments, the Company’s comprehensive portfolio of identity and access management solutions — including authentication, Web access management and developer solutions — is designed to allow customers to confidently exploit new technologies for competitive advantage. RSA Security’s strong reputation is built on its history of ingenuity and leadership, proven technologies and long-standing relationships with more than 1,000 technology partners. For more information, please visit www.rsasecurity.com.