AMP is in the process of replacing its RSA SecurID tokens, joining other companies that have made similar measures after it was revealed that compromised tokens were used in the security breach at defence contractor Lockheed Martin earlier this year.
The financial organisation told ZDNet Australia that it has undertaken a token replacement program for staff working outside of the office.
"This was done after an internal assessment that factored in potential future breach risks," AMP said.
It had declined to comment on whether this assessment included any advice from RSA for the replacement of tokens. However, AMP said that while the risks were "extremely low", it said its priority was "to maintain a high level of security", suggesting that the replacement was more of a precautionary measure.
It is a similar approach taken by Westpac and ANZ, which stated they will replace its tokens. It is also the advice issued by the Defence Signals Directorate, the agency responsible for setting government security policy, and heeded by the Australian Tax Office.
In contrast, the National Australia Bank and the Commonwealth Bank of Australia have decided to continue using their existing fleet of tokens, although they haven't completely ruled out a replacement in the future.
ZDNet Australia understands that AMP staff were notified several weeks ago of the replacement program, but the new tokens are yet to arrive. In the meantime, staff have reported that they are still using their old tokens.