RSA Hacked; SecurID Customers At Risk?

Printer-friendly version Email this CRN article


In RSA's SecurCare Online Note detailing the attack, RSA recommended that SecurID users take the following steps:


  • increase focus on security for social media applications and the use of those applications and Web sites by anyone with access to critical networks.


  • enforce strong password and PIN policies.


  • follow the rule of least privilege when assigning roles and responsibilities to security administrators.


  • re-educate employees on the importance of avoiding suspicious e-mails, and remind them not to provide user names or other credentials to anyone without verifying that person's identity and authority. Employees should not comply with e-mail or phone-based requests for credentials and should report any such attempts, RSA added.


  • pay special attention to security around active directories, making full use of SIEM products and also implementing two-factor authentication to control access to active directories.


  • watch closely for changes in user privilege levels and access rights using security monitoring technologies such as SIEM, and consider adding more levels of manual approval for those changes.


  • harden, closely monitor and limit remote and physical access to infrastructure that is hosting critical security software.


  • examine their help desk practices for information leakage that could help an attacker perform a social engineering attack.


  • update their security products and the operating systems hosting them with the latest patches.


Printer-friendly version Email this CRN article