Rivals move to plug gap left by RSA uncertainty

Rivals have moved to plug the gap left by the uncertainty caused by the RSA server breach offering alternative protection as a well known research firm warns users not to use tokens that might have been compromised. With criminals hacking into RSA's SecurID servers, which store details used as part

Rivals have moved to plug the gap left by the uncertainty caused by the RSA server breach offering alternative protection as a well known research firm warns users not to use tokens that might have been compromised.

With criminals hacking into RSA's SecurID servers, which store details used as part of the two-factor authentication process, the discussion of the details of the attack has widened to cover the alternatives offered by token-less systems.

Those pushing alternatives have been bolstered by the views of security research specialists NSS Labs which has reacted to the RSA breach with a warning that could impact tens of thousands of users.

"NSS Labs recommends that RSA clients who use SecureID to protect sensitive information should consider eliminating remote access until this is resolved; perform an impact assessment of systems using this technology and identify critical assets and potential risks," it stated.

Then in a sentence that is manna from heaven to RSA's rivals it stated: "Furthermore, RSA clients should consider alternative 2-factor authentication solutions."

Even before that advice had been issued by NSS Labs, rivals had stepped up to deal with customer uncertainty, with IronKey focusing on banking customers and SecurEnvoy launching an offer of a free 30-day trial of its token-less product to any RSA licence holder.

Andrew Kemshall, technical director and co-founder of SecurEnvoy, said that there was a great deal of uncertainty across the RSA user base and channel and the channel could offer an alternative.

He added that because it didn't store details on centralised servers there would be customers keen to hear about other approaches to two-factor authentication.

Elsewhere others in the two-factor authentication market have also reacted to the fall out from the RSA breach.

"Criminals used an Advanced Persistent Threat (APT) attack to breach the RSA SecurID infrastructure, and can now combine that information with data-stealing malware in order to compromise high value online banking sites," said Dave Jevans, IronKey's founder and chairman.

"IronKey is already working with banks impacted by the RSA SecurID data breach in order to protect their customers," he added.

MicroScope+

Content

Find more MicroScope+ content and other member only offers, here.

Read more on Data Protection Services

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

ComputerWeekly

SearchITChannel

Close