DSD tells agencies to replace RSA tokens
The Federal Government's peak security agency has recommended that departments and agencies accept the offer by troubled security vendor RSA to replace copies of its SecurID key fob identification tokens.
The SecurID platform sees small devices commonly known as "key fobs" distributed to staff and customers of major organisations, who then use the randomised codes created by the fobs to authenticate their credentials when they log in to sensitive systems such as internet banking platforms or government system.
However, following an attack on its head offices in the US and a subsequent attack on customer Lockheed Martin, RSA has offered to replace the tokens globally. Locally, organisations such as Westpac, ANZ Bank and the Australian Taxation Office have taken up the offer, although others such as the Commonwealth Bank and NAB have so far declined, believing their security is sufficient to weather the storm.
The Defence Signals Directorate, the agency responsible for setting security policies across the government, revealed this morning that it had taken a conservative approach to the problem. "The Defence Signals Directorate (DSD) has recommended Australian government agencies that use SecurID products to protect sensitive or classified information accept RSA's offer to replace the tokens," it said. DSD sits within the Department of Defence.