fbpx
Contact us for Pricing or Questions:      (888) 682-5335          *We Ship Worldwide

Used IBM Servers | New Power9 Systems | QRadar SIEM Security

IBM i MFA and Password Self-Service: A winning combination

IBMi_MFA_and_passwords
Implementing IBM i Multi Factor Authentication (MFA) and Password Self-Service (PSS) as an integrated solution allows companies to enjoy the cost savings of automation, while enhancing IBM i security and addressing compliance requirements at the same time. On the surface, IBM i MFA, Password Self-Service and 2FA software solutions already have a lot in common. If you are thinking of implementing IBM i MFA, 2FA or Password Self Service, you may want to consider implementing them together to gain both the cost savings and security benefits. CautionWhen buying any IBM i MFA Multi-Factor Authentication, 2FA Two-Factor Authentication or PSS Password Self-Service software solution, it is important to note, most compliance regulations require a single step authentication process to be used, as multi step authentication have been proven to be insecure. IBM i MFA, 2FA and PSS solutions will either use authentication factors or need answers to security questions, which will then use either a single or in multiple step process. In a multi-step authentication process, users will complete a validation process successfully, and then be presented with a new screen for the next authentication factor or question. This security flaw allows a hacker to confirm a user’s security screening information. Single-step authentication performs the entire validation process from one screen, which prevents the hacker from confirming which one failed. IT departments planning on MFA, 2FA and PSS solutions should also be aware of security vulnerabilities of SMS based text and link resets for users, as they have been successfully hacked and commonly being reported in the news recently. Most security experts are now recommending using an app for verification or to generate codes and tokens. MFA and 2FA Common Use CasesCompliance is the primary reason companies are implementing MFA and 2FA. However, multi-factor authentication provides many other benefits. Companies that have strengthened password policies for various reasons, will likely also find Help Desk calls have risen significantly. Although complex passwords serve a purpose, they can be counterproductive and have unintended consequences. The worst one, people storing passwords in a file on their computer or the network. In this one example alone,...
Continue reading
  1368 Views
  0 Comments
1368 Views
0 Comments

IBM i Multi-Factor Authentication for MFA Compliance

Security_Cover_Stock
IBM i Multi-Factor Authentication (MFA) is a critical cybersecurity defense required by PCI, FFIEC and 23 NYCRR 500 in Section 500.12b, stating any company providing financial services within the state of New York must implement MFA to protect system data and applications for all users that have external network access, or use an approved access control equivalent. IBM i Multi Factor Authentication prices are very affordable, simple to implement and provide the quickest means to protect against the cybersecurity threats 23 NYCRR 500 was drafted to address. There are companies claiming the price of MFA solutions are too expensive or too complicated to implement. These companies are likely the same companies that score security defenses as their number one priority each year, yet have made minimal effort to circumvent the simplest security vulnerabilities that only require effort. Why does 23 NYCRR 500 require Multi-Factor Authentication? The majority of all security breaches are the result of poor user authentication practices, phishing scams and related credential thefts, so the state of New York made Multi-Factor Authentication a commonsense cybersecurity defense requirement. Although the IBM i has traditionally not been as susceptible to most cybersecurity threats like other platforms, with the adoption of SSO, EIM and other cross-platform integration efforts, implementing MFA will only enhance the platform’s security posture. Unlike PCI, the 23 NYCRR 500 requirements affects companies of every size equally. In addition to implementing IBM i Multi-Factor Authentication, the OS400 has many other security and access controls that can be enforced to tighten security. Simply strengthening system value password policies for example, can significantly affect chances of a security breach. IBM i MFA forces users to authenticate with at least two different pieces of artifacts in addition to a user name and password to ensures their identity, which significantly reduce the chances a hacker or criminal can gain access. The odds a hacker could both guess, locate or steal a user's password and use one of the additional authentication factors is extremely low. The additional authentication factors must include at least two of the following three categories: A user’s knowledge (e.g.: password,...
Continue reading
  1852 Views
  0 Comments
1852 Views
0 Comments