RSA ID Plus Service Incident (NA3 Authentication Service)
Incident Report for RSA ID Plus
Postmortem

On October 10, 2024, between approximately 12:50 and 13:30 UTC, a service degradation affected a subset of our North American customers utilizing our NA3 authentication service. This degradation may have resulted in slower-than-normal performance and increased authentication failure rates for users.

The incident was triggered by a combination of post-upgrade activities and atypical authentication traffic patterns. While our scaling infrastructure promptly detected the issue and initiated mitigation efforts, the initial responses were insufficient to fully prevent customer impact. As a result, additional resources were deployed to restore service to normal operating thresholds.

Mitigations

In response to this incident, RSA is committed to enhancing the ID Plus service and its associated processes. Our proactive steps include:

·        Scaling Enhancements: Fine-tuning our service parameters to enable even faster scaling to better accommodate shifting authentication traffic patterns.

·        Malicious Traffic Mitigations: Implementing additional protective measures and alerting mechanisms for customers experiencing password spraying attacks. Many of these enhancements have already been deployed as optional features, with further improvements scheduled for upcoming releases. Furthermore, we are integrating additional mitigations into our core service to strengthen our defenses.

·        Over-Provisioning Strategy: Increasing baseline deployment capacity as a precautionary measure until our scaling enhancements are fully operational.

Posted Oct 28, 2024 - 11:38 UTC

Resolved
The issue affecting RSA ID Plus has been corrected. The SaaS Operations team is monitoring the fix.

We will post a root cause analysis as soon as it is available.
Posted Oct 10, 2024 - 14:34 UTC
Monitoring
RSA acknowledges that some of our North American customers on our NA3 Authentication Service experienced degraded service, including delays and intermittent authentication failures, between approximately 01:00 and 01:36 UTC on October 10, 2024. We are actively working on this issue, and have implemented several mitigations to resolve the issue. We will provide further details as soon as they become available.
Posted Oct 10, 2024 - 13:54 UTC
This incident affected: NA (na3.access Administration Console, na3.access Authentication Service).