An incident March 15th 09:22PM UTC – March 16th 01:18AM UTC prevented users from registering new authenticators. Once our customer support team notified us that customers were reporting issues with authenticator registration, our Operations and Engineering teams rapidly identified and mitigated the issue.  

Prior to the incident, RSA SecurID SaaS Operations was performing a key rotation exercise. During this exercise, an access policy permission set was inadvertently updated, locking out read rights to the services utilized for authenticator registrations. The faulty permission set update was further diagnosed to an SDK incompatibility. The Operations teams mitigated the issue by manually correcting permissions on the impacted policies. 

RECOVERY  

RSA is continuously taking steps to improve the RSA SecurID Access service and our processes to help ensure such incidents do not occur in the future. In this case, steps include (but are not limited to):  

• SecurID SaaS Operations has added additional monitoring specific to the authenticator registration service access policies. 
• Engineering has done a full audit of usages of the impacted SDK. All services have been migrated off the incompatible version. 
• Additional automated testing has been added to validate the SDK in use is current for future releases.