RSA Authentication Manager software is the management component of the RSA SecurID product, which initially verifies authentication requests and centrally administers user authentication policies for access to enterprise networks. RSA Authentication Manager provides two-factor user authentication that protects access to VPNs, wireless networks, Web applications, business applications and operating environments. The two factors include something you know (a password or PIN) and something you have (an authenticator).

In the next step, RSA Access Manager enables users to validate not only who somebody is but what that person is allowed to do. This is accomplished through a mechanism known as role-based control, which determines if a person is able to see documents, print them, forward e-mail attachments or save data.

According to Dennis Hoffman, RSA's vice president of enterprise solutions, "the last step is securing the data itself, which we do through encryption key management and digital rights management technologies. So the encryption products at RSA go under the BSAFE brand."

RSA's encryption products are available in both server- and appliance-based versions. Hoffman says that while the server-based versions could be subject to injurious access by someone with super-user status, the appliance version is hardened and closed, which prevents unauthorized access.

While the number of internal security breaches involving lower-level data administrators accessing executive-level e-mail and network information is difficult to document accurately, experts agree that the severity of these occurrences generally makes them more harmful than external attacks.