Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

SecurEnvoy Comments On Damage Potential Of RSA SecurID Token Replacement

SecurEnvoy : 08 June, 2011  (Technical Article)
Replacement of SecurID tokens for 40 million RSA customers following Lockheed Martin breech will result in unacceptably high financial and environmental costs, according to SecurEnvoy

News that RSA, the security division of EMC, has announced plans to replace all 40 million of the SecurID tokens issued to its clients - following the recent cyberattack against Lockheed Martin - has been called a disaster in financial and ecological terms by SecurEnvoy.

According to Andrew Kemshall, the two-factor authentication specialist's co-founder, the deployment costs for RSA's clients will cost around four billion pounds, whilst the environmental cost will work at around 4.3 million tonnes of CO2.

"Our observations suggest that the on-costs of deploying a single SecurID token is around £100.00 per token - this includes the direct and indirect costs for the organisation concerned," he said.

"And then there is the environmental costs, which our Web site calculates at 4.3 million tonnes of Co2 - the equivalent of flying around the world 500,000 times in terms of the effect on the environment," he added.

To put that in perspective, Kemshall went on to say, this is equivalent of chopping down 240 million trees.

Given the financial and ecological implications of the RSA SecurID rollout - which are quite breathtaking - you actually have to question as whether the SecurID deployment is really necessary, he says.

"If it is necessary, then we recommend that businesses should start seriously thinking about switching to a tokenless authentication system - especially given the rising number of corporate hacks in recent months, which indicates that enhanced security should now be a watchword," he explained.

The SecurEnvoy co-founder says that his firm's research at the Infosecurity Europe show in April of this year revealed that 38 per cent of RSA token users were looking for a replacement,

If anything, he noted, this SecurID reissue saga will reinforce the view amongst Infosecurity Europe attendees that more than a third of users are desperate for change.

"Against the backdrop of this survey, I wonder how many users of two-factor authentication will now be questioning the wisdom of using a hardware-based token system, when the benefits of using a software token - which include significantly lower on-costs and faster deployments - are now becoming apparent," he said.

"And this is before we even begin to calculate the costs - as mandated under the EU's WEEE directive - of securely disposing the old tokens, which have a number of less-than-eco-friendly components built into them," he added.

Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo