RSA Offers Replacement Tokens…

By Rook Security. Published in SECOPS, Jun 7, 2011.

In an open letter, RSA chairman Art Coviello offered to replace RSA tokens for customers with “…concentrated user bases typically focused on protecting intellectual property and corporate networks.” This was an effort to regain customers’ trust in the technology that was reportedly compromised in an attack disclosed on 17-MAR-2011. Attacks against several government defense contractors, including L3 and Lockheed Martin, were linked to that earlier compromise of the technology, though the attacks were reported to be unsuccessful. If your company does not fall into the bucket of having a concentrated user base focused on protecting intellectual property and corporate networks, RSA is offering to “…implement risk-based authentication strategies for consumer-focused customers with a large, dispersed user base, typically focused on protecting web-based financial transactions.”

With the new attacks and the changing threat landscape, companies should take time to revisit their threat scenarios and contemplate the controls that are used to protect against the threat agents. Two-factor authentication, now commonly used to supplant password-only authentication, is not a solution in and of itself and still requires that activities be monitored and reviewed, hence the “risk-based authentication strategies” being offered by RSA. If you’re a security pro, honestly answer the following question: when was the last time you looked at the successful log entries to identify anomalous patterns? Trust, but verify…

Regardless of your user base, or what matters to your company, authentication will remain a challenge. Companies should take the time to revisit their authentication schema including the people, processes and technology they place their trust in to provide authentication, and review their logging capabilities with a keen eye on identifying anomalous behavior.
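One way to review successful log entries for anomalous behavior, as an added example that is not part of the original post: the Python below reads authentication logs, ignores failures, and flags successful logins from a source network new to that user, from two networks within a short window, or outside working hours. The log format, field names, thresholds and sample entries are all constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta
from ipaddress import ip_network

# Constructed sample entries in a hypothetical key=value log format.
SAMPLE_LOG = """\
2011-06-01T08:02:11 user=alice src=198.51.100.23 result=SUCCESS factor=token
2011-06-01T08:15:40 user=bob src=198.51.100.77 result=SUCCESS factor=token
2011-06-02T08:05:03 user=alice src=198.51.100.41 result=SUCCESS factor=token
2011-06-02T09:30:00 user=bob src=192.0.2.10 result=FAILURE factor=token
2011-06-03T08:01:59 user=alice src=198.51.100.23 result=SUCCESS factor=token
2011-06-03T08:20:12 user=alice src=203.0.113.9 result=SUCCESS factor=token
2011-06-03T23:47:30 user=bob src=198.51.100.77 result=SUCCESS factor=token
"""

LINE = re.compile(r"(\S+) user=(\S+) src=(\S+) result=(\S+)")

def parse_successes(text):
    """Yield (timestamp, user, /24 network) for successful logins only."""
    for line in text.splitlines():
        m = LINE.match(line)
        if m and m.group(4) == "SUCCESS":
            ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%S")
            yield ts, m.group(2), ip_network(m.group(3) + "/24", strict=False)

def find_anomalies(text, window=timedelta(hours=1), work_hours=range(7, 20)):
    """Return (timestamp, user, reason) tuples for successful logins worth review."""
    seen = defaultdict(set)   # user -> source networks already observed
    last = {}                 # user -> (timestamp, network) of previous success
    findings = []
    for ts, user, net in sorted(parse_successes(text), key=lambda e: e[0]):
        # A network this user has never authenticated from before.
        if seen[user] and net not in seen[user]:
            findings.append((ts, user, f"new source network {net}"))
        # Same account succeeding from two networks in quick succession.
        if user in last and last[user][1] != net and ts - last[user][0] <= window:
            findings.append((ts, user, "two networks within window"))
        # Thresholds here are assumptions; tune them to the user population.
        if ts.hour not in work_hours:
            findings.append((ts, user, "outside working hours"))
        seen[user].add(net)
        last[user] = (ts, net)
    return findings

if __name__ == "__main__":
    for ts, user, reason in find_anomalies(SAMPLE_LOG):
        print(ts.isoformat(), user, reason)
```

Every flagged entry passed two-factor authentication, so none of them would appear in a review limited to failed logins.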
