At it’s press conference earlier today Sony announced how it plans to prevents future attacks on it’s network services. The plan includes expediting a physical server move, a new position in the company and further security measures in the system.
Sony had apparently already been planning to move it’s servers from San Diego to a new data center, and these attacks have expedited the process. Sony isn’t saying where the new data center is, only that it will be in a different location that’s bee under construction for months. To help monitor the servers and the network, Sony will hire a Chief Information Security Officer that will report directly to the Chief Information Officer of Sony. The new position should mean that there is someone in Sony who is always looking after their online customers’ data and privacy.
To make sure those servers are more secure, Sony will be adding new security measure which include:
- Added automated software monitoring and configuration management to help defend against new attacks
- Enhanced levels of data protection and encryption
- Enhanced ability to detect software intrusions within the network, unauthorized access and unusual activity patterns
- Implementation of additional firewalls
There could be more, but those are the features Sony made point to highlight. They all seem like good ideas, especially the enhanced encryption. It would have been nice if our personal data was encrypted in the first place, however.
On the user side, Sony will be issuing a firmware update to the PS3 when PSN is working again. It will require users to change their password for the service. To make sure the passwords are changed by anyone other than the account holders, they can only be changed on the system they were created or activated on, or through email. During the press conference it was mentioned that users should change their passwords on all other accounts that may have had the same password, especially the email used to sign up for PSN.
Read [PlayStation Blog]