Security, et al

Randy's Blog on Infosec and Other Stuff

«  How to Audit an Individua... | Intelligent Whitelisting ... »

Don't Miss the Real Point about the RSA SecurID Debacle

Wed, 08 Jun 2011 12:50:41 GMT

I was just reading about the CEO of Lieberman Software and his rant about RSA SecurID.  Talk about kicking them when they're down!  He reportedly accuses RSA of letting SecurID languish.  I don't know if RSA has done that or not.  But what I do know is that anyone can get hacked.  RSA, Lieberman Software, you name it...

So instead of just switching to different strong authentication provider smart organizations are going to look for a strategic way to protect themselves against any of their vendors who might get hacked - especially their authentication vendors.

You should be able to plug and play / mix and match tokens and other strong authentication methods without ripping out your infrastructure, without implementing multiple proprietary authentication servers.  You should be able to use the right token/method for each unique situation in your organization and you should be able to phase out a vendor that gets hacked without major disruption to your users and network.

That's not pie in the sky.  This is all possible when you leverage the OATH framework and select authentication vendors that embrace and support OATH standards.  I just did a webinar on OATH and its relevance to this whole SecurID situation. The recording is at Quest Software who sponsored the webinar.  They were the right sponsor as you will see when then demontrate their Defender solution which is the best implementation of the whole OATH concept that I've seen.  To watch the webinar click here

email this digg reddit dzone
comments (0)references (0)

5 Indicators of Endpoint Evil
Live with Dell at RSA 2015
Auditing Privileged Operations and Mailbox Access in Office 365 Exchange Online
The Year I Started Being Afraid

Comments disabled

powered by Bloget™


Recent Blogs


Additional Resources