May 31, 2011 11:55:35 AM
RSA SecurID and Lockheed Martin Breach

CIOs, CSOs and IT Security personnel are confronted with the realization that the RSA SecurID breach may have impacts that extend well beyond RSA itself, and into its customer base. While the admission of a breach at RSA this past March is cause for alarm, the recent event at Lockheed Martin should also inspire action. It is widely reported that the breach on Lockheed Martin’s VPN was executed by spoofing RSA Secure ID tokens. The spoofing of those tokens likely involved at least some information gained as a result of the breach at RSA.

The reality of this recent attack clearly illustrates the need for organizations to constantly review IT security and make adjustments and changes to technology and policies as things change. Security is a process, not a point in time event to check off a to-do list. Whether you use RSA Secure ID or other technologies, user authentication should not be your only defense against unauthorized access to your network.

So, how do you prevent your company from being the next IT security headline? First by being proactive. Implement changes to secure your remote access system now. A simple step like preventing unauthorized machines from getting VPN or network access will significantly reduce the risk of a hacker gaining access to your network. Longer term you will likely need to reevaluate your company’s 2-factor authentication strategies. Consider 2-factor authentication technologies that will support multiple access methods (e.g., VPN, Network logon, Cloud based services), and grow with the organization as new services are introduced without requiring additional expenditures for hardware or software.

Perhaps the most valuable lesson we can learn from the events of the past few months is to take action now. Security requires forethought, planning and proper execution. A cohesive security strategy does not just happen and it does take time. Taking steps now to minimize the risk should fit into a longer term goal of increased security across the organization not just stop-gap measures until the next security threat comes to light.

While security comes in many shapes and sizes, it sometimes seems there are more products available than problems to solve. Some core technologies should be considered. An enterprise PKI solution will allow for certificates to be issued to both devices and users to provide a stronger method of access and authorization. For portability and 2 factor authentication, smart cards or tokens can be leveraged. These technologies have become mainstream and most operating systems support certificates and smartcards without the need for 3rd party software.