RSA rival SafeNet has taken a swipe at the company for only replacing compromised tokens for select customers, and has offered a series of remediation steps for those left out.
The company will replace SecurID tokens compromised in a March attack on its systems for customers with "concentrated user bases typically focused on protecting intellectual property and corporate networks".
It offered risk-based authentication strategies for consumer-focused customers "with a large, dispersed user base, typically focused on protecting web-based financial transactions".
"In other words, if RSA views your data to be valuable enough to secure, then they say they will replace your potentially compromised SecurID tokens," SafeNet Asia Pacific vice president Humphrey Chan said.
"Beyond asking themselves if they are lucky enough to be considered for a replacement, customers should really be asking if replacing old tokens with new ones actually solves the problem."
Chan said companies should ensure they do not have a single point of failure and focus on network hardening.
"If this conversation stays limited to one-time-password authentication and token swaps, then we haven’t learned anything."
The company's director of government security solutions, Chris Ensey, offered security remediation tips for affected companies.
RSA was contacted for comment.
Copyright © SC Magazine, Australia
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @itnews.com.au to your white-listed senders.