-
Essay / RSA Data Breach - 873
RSA is the encryption and network security division of EMC, helping large organizations solve complex IT security problems. RSA's products and mission consist of a combination of critical controls, encryption and tokenization to secure access to the organization's IS infrastructure. The Security division offers a wide range of two-factor authentication solutions to help organizations ensure user identity and meet regulatory compliance requirements. Authentication keys come in various forms, such as hardware and software authenticators that can be applied to a range of computing devices. RSA SecurID TechnologySecurID is password and PIN based, a dual-layer access authentication principle. This technology is said to have a more reliable level of user passwords. Cryptographic technology has the ability to automatically change passwords every 60 seconds. The main advantage of SecurID is to positively identify users before they access critical confidential data systems. Each authenticator has a special symmetric key that is combined with an algorithm to create fast one-time passwords (OTPs). OTPs are stored on the Authentication Manager server for optimal security. OTPs are established and known to the user – the PIN acts as a backup layer, making it extremely difficult for hackers to exploit. Reinforcing vulnerabilities in the access control mechanism through layered technology makes SecurID access keys an attractive product. And despite RSA's specialization in IT security products for the world's largest organizations, on March 17, 2011, the company fell victim to a routine cyber attack, leaving the client's and RSA's IT infrastructures vulnerable to other exploits. Executive Chairman, Art C...... middle of paper ......all the factors for strong authentication solutions. Initially, RSA refused to disclose certain details of the attack to customers for mitigation purposes; this left customers dissatisfied and upset. Several companies expressed concern about the lack of information about the attack (Green 2011). Works CitedRSA Security Inc. (2010). Brief solution: RSASecurID two-factor authentication. Retrieved from http://www.rsa.com/products/securid/sb/10695_SIDTFA_SB_0210.pdfGreen, T. (2012). RSA: Unapologetic seeks to reach beyond the breach. Network world. Retrieved from http://www.networkworld.com/news/2012/011912-rsa-breach-255042.htmlCoviello, A. (2011). Open letter to RSA SecurID customers. RSA Security Division of EMC. Retrieved from http://www.rsa.com/node.aspx?id=3891King, R. (2011). EMC's RSA security breach could cost bank customers $100 million. Retrieved from