Will Safeguard Physical and Network Assets

BEDFORD, Mass., March 15 /PRNewswire-FirstCall/ – RSA Security Inc. (Nasdaq: RSAS) today announced that Post & Schell, a Philadelphia-based law firm serving clients in healthcare, insurance and other specialized industries, has implemented the RSA Smart Badging Solution to provide physical and network access at its new headquarters. Consisting of RSA SecurID(R) Passage software and RSA SecurID smart cards, this secure enterprise access solution has streamlined administration tasks while providing easy-to-use digital credentials for all employees. As a result of the implementation, Post & Schell has significantly enhanced secure access to all resources to safeguard both sensitive and private client data, as well as its own assets.

Prior to the RSA Security solution, Post & Schell used a password policy through Microsoft(R) Windows(R) 2000 operating system in order to gain accessto the corporate network and its applications. However, with more than 300 employees spread across six offices, the IT department had difficulty enforcing periodic password changes. The firm recognized an opportunity to address these issues when it developed an information security blueprint for its new Philadelphia headquarters which opened in September 2003.

“We needed a highly secure, tamper-resistant and mobile solution to provide access to specific areas of our facilities as well as to our electronic assets. Our challenge was to add these additional layers of security without negatively affecting the way our employees work,” said Louis Mazzio, chief technology officer at Post & Schell. “Not only did the smart card authentication solution from RSA Security make the physical transition trouble-free, but it also allowed our IT department to spend far less time with administration of both local and remote network access.”

The firm’s solution is comprised of three products from RSA Security:

* RSA SecurID Passage 3.5.1 software – enables certificate authentication to the Microsoft Windows 2000 Server environment. It also supports access to resources protected by RSA SecurID technology through secure storage of RSA SecurID authentication information.

* RSA SecurID 5100 Smart Cards – acts as the storage container for the user’s digital and physical credentials. Post & Schell uses this multi-application card based on Sun(TM) Java(TM) technology as an employee badge to grant physical access into the office.

* RSA ACE/Server(R) software – manages access rights to resources protected by RSA SecurID technology resources and issues the software token seed stored on the card.

Today, employees use their badges, which act as proximity cards, to enter the facility, use the elevator and access file rooms or other areas that may contain sensitive materials. It is nearly impossible to navigate the building without a badge.

At each workstation, the RSA Security smart badge is used for secure two-factor authentication to gain access to the network and the firm’s applications like time and billing, documents and databases, and e-mail. In order to log on into these applications, an employee first inserts his or her badge into a smart-card reader that is connected to the computer and then types in a personal identification number (PIN). If the PIN matches the information stored on the smart card, the employee has successfully authenticated and has access to systems resources and business applications. The computer is automatically locked when the badge leaves the reader, prohibiting another person from using the machine.

In addition to a badge, attorneys and paralegals carry RSA SecurID tokens to access the firm’s Citrix(R) MetaFrame XP(TM) Presentation Server from outside the office. The tokens display a unique code that changes every 60 seconds and users enter this code along with their PIN to access the Citrix web interface, which gives them a desktop-like environment and the ability to run applications enabled by the MetaFrame Server via a browser.

By consolidating physical and network access into a single solution the firm is able to ensure a high level of compliance internally and fewer calls for support. In addition, the features of RSA ACE/Server software, such as database replication and load balancing, save time when it comes to administering and managing user authentication.

The RSA Security solution architecture also helps Post & Schell comply with privacy regulations including the requirements set forth by the Health Insurance Portability and Accountability Act (HIPAA), which is essential due to its extensive work with healthcare and insurance companies. “Firms that don’t take steps to secure data may be in danger of losing business – either on the front or back end. But this system has made it easy to answer privacy-related questions,” said Mazzio.

Due to the success of RSA Security’s solution in the Philadelphia office, Post & Schell plans to roll out the new security measures to all six offices.

“RSA Security is the only vendor to offer a multi-application smart card solution that supports passwords, digital certificates and RSA SecurID tokens from the same platform,” said John Worrall. “Our secure enterprise access solutions have helped thousands of organizations balance user convenience with strong security to create a competitive advantage and maintain trust within the enterprise.”

About Post & Schell

Formed in 1968, Post & Schell (http://www.postschell.com) has more than 150 lawyers in six offices: Philadelphia, Pittsburgh, Harrisburg, Lancaster and Allentown in Pennsylvania, as well as Princeton, New Jersey. Specializing in niche high-end litigation and consulting, the firm also provides transaction, compliance and educational services.

Post & Schell lawyers have tremendous experience in courtrooms, boardrooms and in administrative hearing rooms. They routinely handle the most complex and sensitive issues in the following industries: healthcare; pharmaceutical; manufacturing; transportation; communications; construction; retail; security; social; professional and municipal services; and insurance.

About RSA Security Inc.

RSA Security Inc. helps organizations protect private information and manage the identities of people and applications accessing and exchanging that information. RSA Security’s portfolio of solutions – including identity & access management, secure mobile & remote access, secure enterprise access and secure transactions – are all designed to provide the most seamless e-security experience in the market. Our strong reputation is built on our history of ingenuity, leadership, proven technologies and our more than 14,000 customers around the globe. Together with more than 1,000 technology and integration partners, RSA Security inspires confidence in everyone to experience the power and promise of the Internet. For more information, please visit http://www.rsasecurity.com.

RSA, SecurID and ACE/Server are either registered trademarks or trademarks of RSA Security Inc. in the United States and/or other countries. Citrix, MetaFrame and MetaFrame XP are registered trademarks or trademarks of Citrix Systems, Inc. in the U.S. and other countries.

Microsoft and Windows are registered trademarks of Microsoft Corporation in the U.S. and/or other countries.

Sun and Java are registered trademarks or trademarks of Sun Microsystems, Inc. in the U.S. and other countries.

All other products and services mentioned are trademarks of their respective companies.

For more information:

Amy Barney
McGrath/Power Public Relations
(408) 727-0351
[email protected]

Tim Powers
RSA Security Inc
(781) 515-6212
[email protected]