The SecureID system includes an authentication manager and hardware and software tokens used in many forms for two-factor authentication. Should customers, after learning what they have so far about this data breach at RSA, be inclined to buy SecurID? Has RSA -- which has a broad line of security products for access control, anti-fraud monitoring, security information management, encryption, and governance and compliance and is undertaking to build a cloud-security product -- suffered a body blow to its reputation from which it will take long to recover?
So far, the reaction seems to be a muted wait-and-see attitude.
"Time is the teller," says Alex Naveira, information technology security officer at Miami's Children's Hospital, who notes RSA has had a "solid reputation" for a long time. He doesn't use SecurID today but based on what's known so far about RSA's cyberattack, he wouldn't dismiss RSA because of it.
Scott Crawford, research director, security and risk management at consultancy Enterprise Management Associates, says it would be "useful" if RSA put out more information. But so far he says the fact that RSA has acknowledged it's become the victim of stealthy cyberattack aimed at infiltrating and stealing information (RSA itself refers to itself as an advanced persistent threat) is not cause enough to stop using SecurID or drop RSA as a vendor.
There are bound to be concerns, since SecurID tokens are typically used for high-value transactions, he points out, such as in financial transaction or network administrative control function. And until RSA provides more information, there will be a lot of questions about what happened at RSA and how the attack took place.
In the "RSA SecurCare" note that RSA sent out to its customers, which alludes to the "extremely sophisticated cyber attack" that was identified, RSA lists a set of recommendations for SecurID customers. The fact that the first one is, "We recommend customers increase their focus on security for social media applications and the use of those applications and websites by anyone with access to their critical networks," raises a few eye-brows.
"It's interesting they mention social media first," said Crawford. While it's not clear why that might be, making social media the top of the list of nine specific recommendations suggests RSA perceives some specific risks there. "Perhaps it's the information that can be gleaned about people or that it can be a way to propagate malware," says Crawford.
Read more about wide area network in Network World's Wide Area Network section.