IBM Systems magazine, Mainframe - November/December 2018 - 38

TE C H BITS

Passwords Won't Cut It in Enterprise Security
Multifactor authentication is a user-friendly upgrade to password-only systems

L

essons of bitter experience
explain why access to computing resources has grown more
onerous to users, albeit much more
secure. Enterprise security teams
know that protecting any IT resource with only one method is an
invitation to trouble. Malicious attackers are on the prowl for inadequately secured systems, especially
ones that can yield up juicy personÄÃÈÄ&ÄÃ!$î Ä ÇÄÃÈÉ&Ä%NÃÃ
That means that passwords-
and any other authentication
methods based purely on knowledge held by the user-aren't
enough to protect your IT resources. Passwords can be compromised
through loss or theft, or can simply
be too weak to face sophisticated
software designed to crack them.
From cloud-based services
(such as webmail services or
remote banking applications) to
end-user devices, user access is
increasingly reliant on multifactor
authentication, whether mandated
or as a smart security upgrade.

The Problem
With Passwords
While passwords in an enterprise
are typically created to be strong
and are regularly changed to meet
security policies, this simply isn't
enough. Enterprise systems are
probed constantly by bad actors
for vulnerabilities, including
weak passwords.
Considering these threats,
protecting your systems with
additional safeguards is a must.
When a system is protected only by
passwords, a password breach can
mean a halt to system operations
until the system is scanned for data
loss or other evidence of intrusion

and new passwords can be issued.
Multifactor authentication is a
tested, user-friendly upgrade to a
password-only system.

Multifactor Authentication
Explained
Put simply, multifactor authentication ensures that no single
factor-such as a possession of a
login/password pair-is enough to
establish access to a computing or
data resource. Instead, multifactor
authentication allows users access
only in the presence of more than
! ÉÃ%ÉÇ'$&1ÃÈÉ &®É$NÃ
Passwords can be guessed or
coaxed from unwary users through
fraud or social engineering, or
simply stolen. Requiring more than
one factor means that criminals
have to work harder to break in.
Beyond that, multifactor authentication best practices dictate using
factors that can't be readily stolen

Mike Zagorski is an offering manager in IBM Security with a focus on IBM Z.
38 | NOVEMBER/DECEMBER 2018 IBMSYSTEMSMAG.COM

Ä&ÃÄQÃ%'ÇÃÄ%ÃÆ!É&$ÇÃÈÉ &®É$%Ã
and one-time tokens.
4ÉÃÈÉ &®É$%Ã&Ä&ÃÄÃ'&ÄÇtor authentication system makes
use of are often grouped into three
categories:
1.

Something you know: This
includes passwords, password
phrases, security questions and
"É$%! ÄÃÈÉ &®ÇÄ&! à 'ÆÉ$%N
2. Something you have: This
could include an electronic key
from providers such as RSA,
software-generated tokens
from Gemalto SafeNet Authentication Service, a smart security badge or a device such as a
mobile phone or tablet that can
be used to receive out-of-band
communications.
3. Something you are: Factors that
distinguish one person from
Ä !&É$QÃ$!î É$"$ &%Ã&!Ã
voice texture to typing speed and
rhythm. All of these factors serve
to establish identity.


http://www.IBMSYSTEMSMAG.COM

IBM Systems magazine, Mainframe - November/December 2018

Table of Contents for the Digital Edition of IBM Systems magazine, Mainframe - November/December 2018

Table of Contents
Editor's Desk: Room for imporovement
Currents: The big redesign unveil
Currents: ExxonMobil and IBM improce the mobile app user experience
Currents: 8 emerging storage trends of 2018
Currents: Solutions
Currents: Remembering Dr. John Ehrman: The father of IBM High Level Assembler
Partner POV: DevOps requires quality, velocity and efficiency to transform software delivery life cycles
Cover Story: Enabling opportunity: Get the most out of IBM Z with Secure Service Containers and a consumption-based pricing model
Feature 1: Skilling up: How Russell Tobin, Per Scholas and IBM brought new talent into the mainframe workforce
TECH Showcase: How to reap the full benefits of virtual tape storage, properly measure its performance and choose the right strategy for your business
Techbits: Banco do Brasil improves processes after migrating to the IBM Db2 Utilities Suite for z/OS
Techbits: Multifactor authentication is a user-friendly upgrade to password-only systems
Beyond the Box: The mainframe Playground Education Initiative opens the mainframe to the next generation
Reference Point - Global Events, Education, Resources for Power Systems
2018 Mainframe Solutions Edition Product Index
IBM Systems magazine, Mainframe - November/December 2018 - Intro
IBM Systems magazine, Mainframe - November/December 2018 - Cover1
IBM Systems magazine, Mainframe - November/December 2018 - Cover2
IBM Systems magazine, Mainframe - November/December 2018 - 1
IBM Systems magazine, Mainframe - November/December 2018 - 2
IBM Systems magazine, Mainframe - November/December 2018 - 3
IBM Systems magazine, Mainframe - November/December 2018 - Table of Contents
IBM Systems magazine, Mainframe - November/December 2018 - 5
IBM Systems magazine, Mainframe - November/December 2018 - Editor's Desk: Room for imporovement
IBM Systems magazine, Mainframe - November/December 2018 - 7
IBM Systems magazine, Mainframe - November/December 2018 - Currents: The big redesign unveil
IBM Systems magazine, Mainframe - November/December 2018 - Currents: ExxonMobil and IBM improce the mobile app user experience
IBM Systems magazine, Mainframe - November/December 2018 - Beyond the Box: The mainframe Playground Education Initiative opens the mainframe to the next generation
IBM Systems magazine, Mainframe - November/December 2018 - 11
IBM Systems magazine, Mainframe - November/December 2018 - Currents: Solutions
IBM Systems magazine, Mainframe - November/December 2018 - Currents: Remembering Dr. John Ehrman: The father of IBM High Level Assembler
IBM Systems magazine, Mainframe - November/December 2018 - Partner POV: DevOps requires quality, velocity and efficiency to transform software delivery life cycles
IBM Systems magazine, Mainframe - November/December 2018 - 15
IBM Systems magazine, Mainframe - November/December 2018 - Cover Story: Enabling opportunity: Get the most out of IBM Z with Secure Service Containers and a consumption-based pricing model
IBM Systems magazine, Mainframe - November/December 2018 - 17
IBM Systems magazine, Mainframe - November/December 2018 - 18
IBM Systems magazine, Mainframe - November/December 2018 - 19
IBM Systems magazine, Mainframe - November/December 2018 - 20
IBM Systems magazine, Mainframe - November/December 2018 - 21
IBM Systems magazine, Mainframe - November/December 2018 - Feature 1: Skilling up: How Russell Tobin, Per Scholas and IBM brought new talent into the mainframe workforce
IBM Systems magazine, Mainframe - November/December 2018 - 23
IBM Systems magazine, Mainframe - November/December 2018 - 24
IBM Systems magazine, Mainframe - November/December 2018 - 25
IBM Systems magazine, Mainframe - November/December 2018 - 26
IBM Systems magazine, Mainframe - November/December 2018 - 27
IBM Systems magazine, Mainframe - November/December 2018 - 28
IBM Systems magazine, Mainframe - November/December 2018 - TECH Showcase: How to reap the full benefits of virtual tape storage, properly measure its performance and choose the right strategy for your business
IBM Systems magazine, Mainframe - November/December 2018 - 30
IBM Systems magazine, Mainframe - November/December 2018 - 31
IBM Systems magazine, Mainframe - November/December 2018 - 32
IBM Systems magazine, Mainframe - November/December 2018 - 33
IBM Systems magazine, Mainframe - November/December 2018 - 34
IBM Systems magazine, Mainframe - November/December 2018 - 35
IBM Systems magazine, Mainframe - November/December 2018 - Techbits: Banco do Brasil improves processes after migrating to the IBM Db2 Utilities Suite for z/OS
IBM Systems magazine, Mainframe - November/December 2018 - 37
IBM Systems magazine, Mainframe - November/December 2018 - Techbits: Multifactor authentication is a user-friendly upgrade to password-only systems
IBM Systems magazine, Mainframe - November/December 2018 - 39
IBM Systems magazine, Mainframe - November/December 2018 - 40
IBM Systems magazine, Mainframe - November/December 2018 - Cover3
IBM Systems magazine, Mainframe - November/December 2018 - Cover4
IBM Systems magazine, Mainframe - November/December 2018 - Reference Point - Global Events, Education, Resources for Power Systems
IBM Systems magazine, Mainframe - November/December 2018 - 2018 Mainframe Solutions Edition Product Index
IBM Systems magazine, Mainframe - November/December 2018 - SE2
IBM Systems magazine, Mainframe - November/December 2018 - SE3
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20200506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20200304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20200102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2020mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20191112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/relevantz_20190102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2019mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20181112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2018mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20171112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_sesupp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_linuxsupp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20161112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/MainframeSecurity
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20151112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150910_se
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150910
http://www.ibmsystemsmagmainframedigital.com/MFSkills
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150506_supp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20141112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_gt_201405
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/BigData
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20131112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20121112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/buyersguide2013
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/ibmsystems_mainframe_2012bg
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20111112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20101112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100910_bg
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20091112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090506
https://www.nxtbook.com/nxtbooks/ibmsystemsmag/mainframe_20090304
https://www.nxtbook.com/nxtbooks/mspcomm/ibmsystems_mainframe_200901
https://www.nxtbookmedia.com