IBM Systems Magazine, Mainframe - May/June 2016 - 44

ADMINISTRATOR

DOUBLING Security Efforts
IBM Multi-Factor Authentication for z/OS helps maintain a secure infrastructure

A

n explosion of malicious attacks of increasing sophistication on computer
systems has occurred recently. According to the "IBM 2015 Cyber Security
Intelligence Index" (ibm.co/1QGPpSu), in 2014, unauthorized access topped
the list of incident categories affecting the top five industries named in this report,
comprising about 37 percent of total incidents. The increased use of low-cost and
powerful password cracking systems has made attacks much easier, placing the
burden on organizations to increase their levels of defense.
Barbara
Sannerud
is responsible
for z Systems
Enablement
and has 25
years of industry
experience in
servers, software
and services,
with a focus on
risk and security
management.
John
Petreshock,
project
management
professional,
is z Systems
security offering
manager with
19 years of
experience
covering
development,
test and product
management
focusing
on z Systems
security.

IBM Multi-Factor
Authentication (MFA) for
z/OS* provides a way to
raise the assurance level
of user authentication
to z/OS applications and
hosting environments
by allowing the use of
multiple authentication factors.
IBM MFA for z/OS is tightly
integrated with z/OS Security
Server (RACF*), which stores
configuration and provisioning
data, and provides an SMF audit
trail to track authentication
factors. IBM MFA can also help
provide security administrators
with the ability to enforce a
granular authentication policy
on a per-user basis.
Nearly 60 percent of security
leaders interviewed in a 2014 IBM
CISO assessment claim that the
sophistication of attackers was
outstripping the sophistication
of their organizations' defenses
(ibm.co/1pbkJl6). More than 80
percent of security leaders have
seen external threat increases
in the past three years, and
it's currently viewed as a top
challenge (see Figure 1, page 46).

44 // MAY/JUNE 2016 ibmsystemsmag.com

In addition, regulations such as
PCI DSS and government ID cards
are driving the need for MFA as a
requirement for compliance.
Mobile and cloud architectures
make it imperative to reduce
the risk of external threats,
raising questions about the
adequacy of password protection.
Many passwords use common
defaults that are easily guessed.
Password vulnerabilities
were named in several high
profile hacks in recent years,

and the 2014 Verizon Data
Breach Investigation Report
(vz.to/1LUXJRR) states that use
of stolen credentials has become
a top threat, where 95 percent
of incidents involve harvesting
credentials stolen from customer
devices and logging into Web
applications with them. More
than 1 billion personal data
records were reported stolen
in 2014 alone, most of which
contained user passwords
(ibm.co/1UNZ3aW).

Multifactor
Authentication Explained
Three factors are identified as the cornerstone
of authentication:
1. Something you know (e.g., a password)
2. Something you have (e.g., a one-time password
or a cryptographic key)
3. Something you are (e.g., a fingerprint or other
biometric data)
The multifactor authentication method refers to the use of
more than one of the aforementioned factors.
-NIST publication SP 800-63-1


http://ibm.co/1QGPpSu http://www.vz.to/1LUXJRR http://ibm.co/1UNZ3aW http://ibm.co/1pbkJl6 http://www.ibmsystemsmag.com

IBM Systems Magazine, Mainframe - May/June 2016

Table of Contents for the Digital Edition of IBM Systems Magazine, Mainframe - May/June 2016

Table of Contents
Editor's Desk: Flexible and agile environment
IBM Perspective: Elevating open source for the enterprise
Partner PoV: New information about threats in the z/OS system improves performance
The new IBM z13 can consolidate Linux workloads at a lower cost
Focus on Storage: IBM Spectrum Storage Suite offers a new way of licensing storage software
Cover Story: Achieving An Advantage: Linux on z Systems enables the API economy and microservices while enhancing hybrid cloud solutions
Feature: A Better Option: Businesses see an advantage to using Linux on z Systems over scale-out servers
Tech Showcase: CISOs can mitigate mobile security fears and prevent issues in the workplace
Tech Corner: IBM DB2 on z/OS V2.2 features space and storage ehancements
Administrator: IBM Multi-Factor Authentication fo z/OS helps maintain a secure infrastructure
Solutions: Universal Data Manager; OpenLegacy V3.0
Stop Run: 19-year-old mainframe enthusiast installs a z890 in his parents' basement
Reference Point - Global Events, Education, Resources for Mainframe
2016 Mainframe Solutions Edition Product Index
IBM Systems Magazine, Mainframe - May/June 2016 - Intro
IBM Systems Magazine, Mainframe - May/June 2016 - Cover1
IBM Systems Magazine, Mainframe - May/June 2016 - Cover2
IBM Systems Magazine, Mainframe - May/June 2016 - 1
IBM Systems Magazine, Mainframe - May/June 2016 - Table of Contents
IBM Systems Magazine, Mainframe - May/June 2016 - 3
IBM Systems Magazine, Mainframe - May/June 2016 - 4
IBM Systems Magazine, Mainframe - May/June 2016 - 5
IBM Systems Magazine, Mainframe - May/June 2016 - Editor's Desk: Flexible and agile environment
IBM Systems Magazine, Mainframe - May/June 2016 - 7
IBM Systems Magazine, Mainframe - May/June 2016 - IBM Perspective: Elevating open source for the enterprise
IBM Systems Magazine, Mainframe - May/June 2016 - Partner PoV: New information about threats in the z/OS system improves performance
IBM Systems Magazine, Mainframe - May/June 2016 - 10
IBM Systems Magazine, Mainframe - May/June 2016 - The new IBM z13 can consolidate Linux workloads at a lower cost
IBM Systems Magazine, Mainframe - May/June 2016 - 12
IBM Systems Magazine, Mainframe - May/June 2016 - 13
IBM Systems Magazine, Mainframe - May/June 2016 - 14
IBM Systems Magazine, Mainframe - May/June 2016 - Focus on Storage: IBM Spectrum Storage Suite offers a new way of licensing storage software
IBM Systems Magazine, Mainframe - May/June 2016 - 16
IBM Systems Magazine, Mainframe - May/June 2016 - 17
IBM Systems Magazine, Mainframe - May/June 2016 - Cover Story: Achieving An Advantage: Linux on z Systems enables the API economy and microservices while enhancing hybrid cloud solutions
IBM Systems Magazine, Mainframe - May/June 2016 - 19
IBM Systems Magazine, Mainframe - May/June 2016 - 20
IBM Systems Magazine, Mainframe - May/June 2016 - 21
IBM Systems Magazine, Mainframe - May/June 2016 - Feature: A Better Option: Businesses see an advantage to using Linux on z Systems over scale-out servers
IBM Systems Magazine, Mainframe - May/June 2016 - 23
IBM Systems Magazine, Mainframe - May/June 2016 - 24
IBM Systems Magazine, Mainframe - May/June 2016 - 25
IBM Systems Magazine, Mainframe - May/June 2016 - 26
IBM Systems Magazine, Mainframe - May/June 2016 - Tech Showcase: CISOs can mitigate mobile security fears and prevent issues in the workplace
IBM Systems Magazine, Mainframe - May/June 2016 - 28
IBM Systems Magazine, Mainframe - May/June 2016 - 29
IBM Systems Magazine, Mainframe - May/June 2016 - 30
IBM Systems Magazine, Mainframe - May/June 2016 - 31
IBM Systems Magazine, Mainframe - May/June 2016 - 32
IBM Systems Magazine, Mainframe - May/June 2016 - 33
IBM Systems Magazine, Mainframe - May/June 2016 - 34
IBM Systems Magazine, Mainframe - May/June 2016 - 35
IBM Systems Magazine, Mainframe - May/June 2016 - 36
IBM Systems Magazine, Mainframe - May/June 2016 - 37
IBM Systems Magazine, Mainframe - May/June 2016 - 38
IBM Systems Magazine, Mainframe - May/June 2016 - 39
IBM Systems Magazine, Mainframe - May/June 2016 - Tech Corner: IBM DB2 on z/OS V2.2 features space and storage ehancements
IBM Systems Magazine, Mainframe - May/June 2016 - 41
IBM Systems Magazine, Mainframe - May/June 2016 - 42
IBM Systems Magazine, Mainframe - May/June 2016 - 43
IBM Systems Magazine, Mainframe - May/June 2016 - Administrator: IBM Multi-Factor Authentication fo z/OS helps maintain a secure infrastructure
IBM Systems Magazine, Mainframe - May/June 2016 - 45
IBM Systems Magazine, Mainframe - May/June 2016 - 46
IBM Systems Magazine, Mainframe - May/June 2016 - Solutions: Universal Data Manager; OpenLegacy V3.0
IBM Systems Magazine, Mainframe - May/June 2016 - Stop Run: 19-year-old mainframe enthusiast installs a z890 in his parents' basement
IBM Systems Magazine, Mainframe - May/June 2016 - Cover3
IBM Systems Magazine, Mainframe - May/June 2016 - Cover4
IBM Systems Magazine, Mainframe - May/June 2016 - Reference Point - Global Events, Education, Resources for Mainframe
IBM Systems Magazine, Mainframe - May/June 2016 - 2016 Mainframe Solutions Edition Product Index
IBM Systems Magazine, Mainframe - May/June 2016 - SE2
IBM Systems Magazine, Mainframe - May/June 2016 - SE3
IBM Systems Magazine, Mainframe - May/June 2016 - SE4
IBM Systems Magazine, Mainframe - May/June 2016 - SE5
http://www.ibmsystemsmagmainframedigital.com/mspcomm/ibmsystemsmag/ibmsystems_mainframe_20200910
http://www.ibmsystemsmagmainframedigital.com/mspcomm/ibmsystemsmag/ibmsystems_mainframe_20200708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20200506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20200304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20200102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2020mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20191112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/relevantz_20190102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2019mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20181112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2018mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20171112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_sesupp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_linuxsupp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20161112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/MainframeSecurity
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20151112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150910_se
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150910
http://www.ibmsystemsmagmainframedigital.com/MFSkills
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150506_supp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20141112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_gt_201405
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/BigData
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20131112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20121112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/buyersguide2013
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/ibmsystems_mainframe_2012bg
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20111112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20101112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100910_bg
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20091112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090506
https://www.nxtbook.com/nxtbooks/ibmsystemsmag/mainframe_20090304
https://www.nxtbookmedia.com