RSA Data Breach

873 Words2 Pages

RSA is the encryption and network security division of EMC, assisting top organizations to solve complex IT security challenges. RSA’s products and mission consist of a combinations of business-critical controls, encryption, and tokenization to secure access to organizations IS infrastructure. The Security Division offers a wide range of two-factor authentication solutions to help organizations assure user identities and meet regulatory compliance requirements. The authentication keys come in a variety of forms such as hardware and software authenticators that can be applied to a range of computer devices.

RSA SecurID Technology

SecurID is based on password and pin, a double layered access authentication principle. This technology is noted to have a more reliable level of user passwords. The cryptographic technology has the ability to automatically changes passwords every 60 seconds. The top benefit of SecurID helps positively identify users before they access critical confidential data systems. Each authenticator possesses a special symmetric key that is combined with an algorithm to create rapid one-time passwords (OTP). The OTP’s are stored in the Authentication Manager server for optimal security. OTP’s are established and known to the user – the PIN acts as a back-up layer which makes it extremely difficult for hackers to exploit. Strengthening vulnerabilities in access control mechanism with a layered technology, makes SecurID access keys a worthwhile product.

So What

Despite RSA’s specialization in IT security products for top organizations world-wide, on March 17, 2011 the company fell victim to a common cyber-attack leaving client’s and RSA’s IS infrastructures vulnerable to further exploits. Executive Chairmen, Art C...

... middle of paper ...

...al factors for strong authentication solutions. Initially, RSA refused to disclose certain details of the attack to customers for mitigation purposes; this left clients unsatisfied and upset. Several companies expressed concern about the lack of information about the attack (Green 2011).

Works Cited

RSA Security Inc. (2010). Solution Breif: RSASecurID Two-factor Authentication. Retrieved from http://www.rsa.com/products/securid/sb/10695_SIDTFA_SB_0210.pdf

Green, T. (2012). RSA: Unapologetic looks to move beyond the breach. Network World. Retrieved from http://www.networkworld.com/news/2012/011912-rsa-breach-255042.html

Coviello, A.(2011). Open Letter to RSA SecurID Customers. RSA Security Division of EMC. Retreived from http://www.rsa.com/node.aspx?id=3891

King, R. (2011). EMC’s RSA Security Breach May Cost Bank Customers $100 Million. Retreived from

Open Document