by Josh Arrington
RSA SecurID Customers Need to Boost Vigilance, Other Network Defenses
Following RSA’s announcement of a data breach, there’s really nothing for SecurID customers to do but to monitor their systems in hopes of foiling an attack, if it ever comes.
RSA Security, a division of storage giant EMC, announced late March 17 it had been breached by attackers and that some information about its SecurID two-factor authentication technology has been stolen. The company declined to specify what was stolen, nor did it provide any information on how the data breach occurred.
RSA encouraged customers to look for suspicious login activity and monitor changes in user privileges and access control. Employees should be reminded to not click on unknown links and to be careful about entering account information online, RSA said.
Companies should be enforcing the rule of “least privilege” for users and security administrators, Adam Bosnian, executive vice president of Americas and corporate development at Cyber-Ark, told eWEEK. Only the amount of privilege necessary for a given activity should be assigned, instead of providing “full, unfettered access” to the enterprise, he said.