Multi-factor authentication: protecting your data in the cloud
IBM just announced that its new z13 and z13s systems are optimized for the hybrid cloud. This is a good thing, but every time someone utters the word “cloud,” the same issue gets raised: how can data be secure in the cloud? As a mainframe security professional, I think about this problem a lot. I understand the key arguments that companies make in favor of traditional firewalls. And I know how important it is to keep information safe regardless of where it lives.
Which brings me to the world of multi-factor authentication (MFA). This isn’t some new approach to security – in fact, some of the world’s best-known companies are already using MFA solutions to protect their data. What is new is that IBM is bringing multi-factor authentication to the mainframe.
We all know that data security protocols are only as good as their weakest link…and nothing is weaker than Bill in the back office using “123456” as the keys to the castle. But even decent passwords can be easily cracked, which is why a better approach is needed. Multi-factor authentication works by letting customers use more than one strong authentication factor at the same time. Think about the difference between using your front-door key to get into your house – plus a PIN, plus a token, plus a retinal scan.
As a consumer, I’ve seen banks improve security on their their online banking sites and mobile apps in the past few months by adding MFA. At least one mobile app that I use now requires a thumbprint from my iPhone, and the bank websites typically send me a single-use key (in a text or email) that I have to enter to proceed — in some cases to do anything at all, and in others only when something goes over a certain transaction value.
This trend is great news for anyone who uses the mainframe, but it’s especially relevant for anyone who uses mainframes in a hybrid cloud environment.