Incident & Breach Response , Managed Detection & Response (MDR) , Security Operations

9 Ways to Help Safeguard RSA's SecurID

RSA Strongly Urges Customers to Act Immediately
9 Ways to Help Safeguard RSA's SecurID
Security vendor RSA is providing remediation steps for customers to strengthen their RSA SecurID implementations in light of an advanced persistent threat attack against the company, which it says was directed at its SecurID two-factor authentication product (see Hackers Target RSA's SecurID Products).

Here are the nine steps RSA recommends customers take:

1. Increase focus on security for social media applications and the use of those applications and websites by anyone with access to their critical networks.

2. Enforce strong password and PIN policies.

3. Follow the rule of least privilege when assigning roles and responsibilities to security administrators.

4. Re-educate employees on the importance of avoiding suspicious emails, and remind them not to provide user names or other credentials to anyone without verifying that person's identity and authority. Employees should not comply with email or phone-based requests for credentials and should report any such attempts.

5. Pay special attention to security around their active directories, making full use of their SIEM (Security Information and Event Management) products and implement two-factor authentication to control access to active directories.

6. Watch closely for changes in user privilege levels and access rights using security monitoring technologies such as SIEM, and consider adding more levels of manual approval for those changes.

7. Harden, closely monitor and limit remote and physical access to infrastructure that is hosting critical security software.

8. Examine help desk practices for information leakage that could help an attacker perform a social engineering attack..

9. Update security products and the operating systems hosting them with the latest patches.

"We strongly urge immediate customer attention to this advisory," the company said.

About the Author

Information Security Media Group

Information Security Media Group (ISMG) is the world's largest media company devoted to information security and risk management. Each of its 37 media sites provides relevant education, research and news that is specifically tailored to key vertical sectors including banking, healthcare and the public sector; geographies from North America to Southeast Asia; and topics such as data breach prevention, cyber risk assessment and fraud. Its yearly global summit series connects senior security professionals with industry thought leaders to find actionable solutions for pressing cybersecurity challenges.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.