Skip to main content

Can RSA repair the broken trust?

posted onJune 8, 2011
by l33tdawg
Source: Flickr (CC)
Credit: Source: Flickr (CC)

Despite Art Coviello's open letter offering to replace tokens for customers, we are still none the wiser as to what assets within RSA were compromised during the breach they suffered in March.

Reading the letter I see no admission from RSA that its tokens were compromised. Instead, we have an offer to increase certain customers' confidence in the RSA infrastructure which they have already invested in. Some are seeing this as an admission from RSA that its database linking tokens to users has been breached. However, RSA still has not confirmed what was breached or what information was accessed, therefore we are still in the realm of speculation.

This could also be a marketing ploy to rebuild customer confidence regarding the product. Careful reading of the letter shows that RSA is only offering to "replace SecurID tokens for customers with concentrated user bases typically focused on protecting intellectual property and corporate networks", which does not necessarily mean replacing every single token issued.

To me this lack of clarity and information about what was compromised is the worst part of the RSA breach. Without knowing what exactly was compromised and what impact it has on those using RSA products it is difficult for customers to know how to ensure their systems are safe. It should be noted that this incident is also a prime example of why companies should take a layered and in depth approach to securing their networks and information assets. Relying on one technology or solution alone will cause you security to fail should that technology or solution itself become compromised, and let us not forget that RSA is not the first security company to have security issues or concerns with their products.

Source

Tags

RSA Security Industry News

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th