Balancing security and usability is a challenge that the IT industry has been grappling with for decades. The latest attempt to ease the task comes from RSA Security LLC, which is rolling out a new access management toolkit today that promises to help organizations fine-tune how they regulate user activity.

The main component of the SecurID Suite is SecureID Access, the EMC Corp. subsidiary’s hugely popular single sign-on tool. It works with everything from traditional on-premise workloads to cloud services like Salesforce.com and offers administrators a wide range of user verification methods to choose from. Among them is RSA’s homegrown two-factor authentication technology, iris scanning software from partner Eyeprint ID Inc. and a number of other third party products that are geared mainly towards mobile workers.

The specific type and number of verification methods that SecureID Access employs can be controlled using a complementary automation tool called Identify Governance that is also included in RSA’s new suite. A healthcare company, for instance, could have the software ask workers to use their hardware tokens when viewing a patient database but only require a valid email and password in less sensitive situations. The product even enables administrators to individually customize the authentication process for every user based on their roles and what systems they have access to.

As a result, organizations can enforce strict access policies when necessary without inconveniencing employees who only require standard authentication functionality. But some usability issues are still bound to occur in every large enterprise environment, which is why the SecureID Suite’s automation features are paired with a manual access request option. The mechanism allows workers to ask the IT department for additional permissions when they find themselves suddenly needing to log into a new system or cloud service. And to prevent administrators from getting overwhelmed, it can be configured to reject certain requests by default if they are out of line.

Rounding out the toolkit is a set of monitoring capabilities designed to help identify unused accounts, compliance violations and other potential risks that warrant special attention. The integration between the SecureID Suite’s components enables administrators to quickly address such vulnerabilities in a fairly streamlined manner. RSA hopes that the offering will up the ante against the numerous rivaling access management startups that have hit the scene in recent years.

Image via Flickr