IBM Systems Magazine, Mainframe - May/June 2016 - (Page 44)

ADMINISTRATOR DOUBLING Security Efforts IBM Multi-Factor Authentication for z/OS helps maintain a secure infrastructure A n explosion of malicious attacks of increasing sophistication on computer systems has occurred recently. According to the "IBM 2015 Cyber Security Intelligence Index" (, in 2014, unauthorized access topped the list of incident categories affecting the top five industries named in this report, comprising about 37 percent of total incidents. The increased use of low-cost and powerful password cracking systems has made attacks much easier, placing the burden on organizations to increase their levels of defense. Barbara Sannerud is responsible for z Systems Enablement and has 25 years of industry experience in servers, software and services, with a focus on risk and security management. John Petreshock, project management professional, is z Systems security offering manager with 19 years of experience covering development, test and product management focusing on z Systems security. IBM Multi-Factor Authentication (MFA) for z/OS* provides a way to raise the assurance level of user authentication to z/OS applications and hosting environments by allowing the use of multiple authentication factors. IBM MFA for z/OS is tightly integrated with z/OS Security Server (RACF*), which stores configuration and provisioning data, and provides an SMF audit trail to track authentication factors. IBM MFA can also help provide security administrators with the ability to enforce a granular authentication policy on a per-user basis. Nearly 60 percent of security leaders interviewed in a 2014 IBM CISO assessment claim that the sophistication of attackers was outstripping the sophistication of their organizations' defenses ( More than 80 percent of security leaders have seen external threat increases in the past three years, and it's currently viewed as a top challenge (see Figure 1, page 46). 44 // MAY/JUNE 2016 In addition, regulations such as PCI DSS and government ID cards are driving the need for MFA as a requirement for compliance. Mobile and cloud architectures make it imperative to reduce the risk of external threats, raising questions about the adequacy of password protection. Many passwords use common defaults that are easily guessed. Password vulnerabilities were named in several high profile hacks in recent years, and the 2014 Verizon Data Breach Investigation Report ( states that use of stolen credentials has become a top threat, where 95 percent of incidents involve harvesting credentials stolen from customer devices and logging into Web applications with them. More than 1 billion personal data records were reported stolen in 2014 alone, most of which contained user passwords ( Multifactor Authentication Explained Three factors are identified as the cornerstone of authentication: 1. Something you know (e.g., a password) 2. Something you have (e.g., a one-time password or a cryptographic key) 3. Something you are (e.g., a fingerprint or other biometric data) The multifactor authentication method refers to the use of more than one of the aforementioned factors. -NIST publication SP 800-63-1

Table of Contents for the Digital Edition of IBM Systems Magazine, Mainframe - May/June 2016

Table of Contents
Editor's Desk: Flexible and agile environment
IBM Perspective: Elevating open source for the enterprise
Partner PoV: New information about threats in the z/OS system improves performance
The new IBM z13 can consolidate Linux workloads at a lower cost
Focus on Storage: IBM Spectrum Storage Suite offers a new way of licensing storage software
Cover Story: Achieving An Advantage: Linux on z Systems enables the API economy and microservices while enhancing hybrid cloud solutions
Feature: A Better Option: Businesses see an advantage to using Linux on z Systems over scale-out servers
Tech Showcase: CISOs can mitigate mobile security fears and prevent issues in the workplace
Tech Corner: IBM DB2 on z/OS V2.2 features space and storage ehancements
Administrator: IBM Multi-Factor Authentication fo z/OS helps maintain a secure infrastructure
Solutions: Universal Data Manager; OpenLegacy V3.0
Stop Run: 19-year-old mainframe enthusiast installs a z890 in his parents' basement
Reference Point - Global Events, Education, Resources for Mainframe
2016 Mainframe Solutions Edition Product Index

IBM Systems Magazine, Mainframe - May/June 2016