One of the biggest names in the security industry goes down
What do the security gurus recommend?
To make matters worse:
Short term & tactical measures:
- Better logging/audit policy
- Disable accounts after 3 incorrect login attempts
- Enforce stronger password policies
- Ensure users do not disclose their passwords, and are always wary of social engineering and phishing attempts
Long-term solutions:
- RSA has offered to replace the tokens for its customers: this is a sound option only if RSA can commit that the replacement tokens (and their seed records) were not part of the booty the hackers "looted"
- Replace the RSA tokens with tokens from a different vendor: this could also be a good approach, as long as the new vendor is reliable and is selected after some due diligence
- Discontinue the use of hardware tokens: organizations could explore not using any hardware-based tokens at all. They may consider soft tokens (software-based), or even sending One Time Passwords (OTP) over SMS or email