Overclock.net › Forums › Industry News › Technology and Science News › [Darkreading] RSA offers SecureID recall
New Posts  All Forums:Forum Nav:

[Darkreading] RSA offers SecureID recall - Page 2

post #11 of 16
^^^
I think even if it is a two person company - they should be able to have their shoddy goods replaced, free of charge. That is my point. It just seems that the release is too vague - rather than just sucking it up and replacing all of the tags that can be breached.

I think the computing world should have at least the same level of lemon protection that the automotive industry is subject to, with no vagueness and no exceptions when it comes to shoddy goods.
post #12 of 16
Quote:
Originally Posted by trueg50 View Post
Exactly.

Each token is about $10-$15 each, so the cost to replace a couple million isn't too bad, especially considering the cost the defense contractors could sue for when "some one" steals their weapons designs.
Whoa, whoa, whoa there. These tokens costs more than that for smaller companies with less than 2,000 tokens. Try more like $55.00 before you add in maintenance costs. RSA SecurID is a huge bucks to maintain for smaller businesses which require their use.

Some basic math here: 2,000 * $55.00 = $110,000 and this is before you add in annual maintenance contracts around the infrastructure.

The 110K is merely the tip of the iceberg.

Another thing this doesn't take into account is the actual replacement of these things. I work in an organization which requires the use of RSA tokens which could potentially have to reissue its entire stock, many of which are issued to 3rd part entities etc... Think of mailing costs (secure mail and insured) and time and effort to facilitate such an endeavor.
post #13 of 16
Thread Starter 
Quote:
Originally Posted by MekoSuka View Post
Whoa, whoa, whoa there. These tokens costs more than that for smaller companies with less than 2,000 tokens. Try more like $55.00 before you add in maintenance costs. RSA SecurID is a huge bucks to maintain for smaller businesses which require their use.

Some basic math here: 2,000 * $55.00 = $110,000 and this is before you add in annual maintenance contracts around the infrastructure.

The 110K is merely the tip of the iceberg.

Another thing this doesn't take into account is the actual replacement of these things. I work in an organization which requires the use of RSA tokens which could potentially have to reissue its entire stock, many of which are issued to 3rd part entities etc... Think of mailing costs (secure mail and insured) and time and effort to facilitate such an endeavor.
Woops, yea, just looked it up, ~$53 per token for us. Cost per token wouldn't be a problem, as RSA would be replacing them, which might actually save some money when they replace tokens with 2.5 years "more life" with ones that have 3 years of life. I wonder how they will handle 3 year tokens that have 6 -12 months of life left; will they replace them with 3 year tokens, or 1 year ones (do they have ones like that? we only deal with 3 year models)?

The biggest problem for us and most places would be the collecting, mailing in, and reissuing (going into the RSA server and re associating 2000 tokens with the correct 2000 users).
    
CPUMotherboardGraphicsRAM
C2D T7100 1.8 ghz (undervolted) ummm... Dell Intel X3100 2 x 1gb 667mhz 
Hard DriveOptical DriveOSMonitor
Fujitsu 7200 RPM 120gb CD-RW/DVD dual boot Vista business 1440x900 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
C2D T7100 1.8 ghz (undervolted) ummm... Dell Intel X3100 2 x 1gb 667mhz 
Hard DriveOptical DriveOSMonitor
Fujitsu 7200 RPM 120gb CD-RW/DVD dual boot Vista business 1440x900 
  hide details  
Reply
post #14 of 16
Quote:
Originally Posted by trueg50 View Post
Woops, yea, just looked it up, ~$53 per token for us. Cost per token wouldn't be a problem, as RSA would be replacing them, which might actually save some money when they replace tokens with 2.5 years "more life" with ones that have 3 years of life. I wonder how they will handle 3 year tokens that have 6 -12 months of life left; will they replace them with 3 year tokens, or 1 year ones (do they have ones like that? we only deal with 3 year models)?

The biggest problem for us and most places would be the collecting, mailing in, and reissuing (going into the RSA server and re associating 2000 tokens with the correct 2000 users).
Yea I was just more inclined to say that it's more expensive than the 10-15$ per token. While realizing the tokens would be covered in their replacement by RSA, there is other intangible costs here such as relationships between 3rd parties who are issued tokens by companies who purchased and use them for secure remote access. The hassle of shipping back tokens or just having to deal with token replacement in general is a hassle non-technical folks just don't want to have to deal with. So this affects far more people than just those who buy and distribute tokens. It also affects companies who work or do business with companies that purchased these things in the first place.
Edited by MekoSuka - 6/7/11 at 8:03am
post #15 of 16
Thread Starter 
Quote:
Originally Posted by MekoSuka View Post
Yea I was just more inclined to say that it's more expensive than the 10-15$ per token. While realizing the tokens would be covered in their replacement by RSA, there is other intangible costs here such as relationships between 3rd parties who are issued tokens by companies who purchased and use them for secure remote access. The hassle of shipping back tokens or just having to deal with token replacement in general is a hassle non-technical folks just don't want to have to deal with. So this affects far more people than just those who buy and distribute tokens. It also affects companies who work or do business with companies that purchased these things in the first place.
Very true, but we will have to see how they handle it. If they replace all tokens, and provide monitoring, then it could help them (by showing just how supportive they are).

I am really curious if they will bother with collection at all. The tokens are disposable (IE not repairable), so will they just see "oh you have 400 tokens, we will mail you 400 new ones" or if they will require you send in the 400 before getting new ones.
    
CPUMotherboardGraphicsRAM
C2D T7100 1.8 ghz (undervolted) ummm... Dell Intel X3100 2 x 1gb 667mhz 
Hard DriveOptical DriveOSMonitor
Fujitsu 7200 RPM 120gb CD-RW/DVD dual boot Vista business 1440x900 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
C2D T7100 1.8 ghz (undervolted) ummm... Dell Intel X3100 2 x 1gb 667mhz 
Hard DriveOptical DriveOSMonitor
Fujitsu 7200 RPM 120gb CD-RW/DVD dual boot Vista business 1440x900 
  hide details  
Reply
post #16 of 16
Quote:
Originally Posted by MekoSuka View Post
Whoa, whoa, whoa there. These tokens costs more than that for smaller companies with less than 2,000 tokens. Try more like $55.00 before you add in maintenance costs. RSA SecurID is a huge bucks to maintain for smaller businesses which require their use.

Some basic math here: 2,000 * $55.00 = $110,000 and this is before you add in annual maintenance contracts around the infrastructure.

The 110K is merely the tip of the iceberg.

Another thing this doesn't take into account is the actual replacement of these things. I work in an organization which requires the use of RSA tokens which could potentially have to reissue its entire stock, many of which are issued to 3rd part entities etc... Think of mailing costs (secure mail and insured) and time and effort to facilitate such an endeavor.
But that $55 charge is most profits for RSA and includes customer service/support/insurance.

The devices themselves probably cost less than $3 to manufacturer. From RSA's prospective, it will be much less than $55 for replacement.

I don't think they even use secure mail and they will be sending in bulk.

It won't be cheap but it won't be that expensive either.
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Technology and Science News
Overclock.net › Forums › Industry News › Technology and Science News › [Darkreading] RSA offers SecureID recall