• December 3, 2021

This Cybersecurity Awareness Month, Implement Multi-Factor Authentication

The White House has proclaimed October Cybersecurity Awareness Month, promoting efforts by the Cybersecurity and Infrastructure Security Agency (CISA) to encourage the public to be “Cyber Smart” and stay safe online. As stories of malicious cyber actors, such as ransomware attacks, continue to make headlines and disrupt businesses across industries, the importance of cybersecurity cannot be overstated. 

At Rocket, security is our top priority, which is why we provide resources, teams of experts and proven solutions to help users learn best practices to protect themselves and their mainframe systems. We support CISA’s recommendation that everyone implement multi-factor authentication (MFA) to dramatically decrease the likelihood of their accounts being infiltrated. Read on for more information about MFA as it relates to legacy systems and how it can protect organizations’ critical information.  

What Qualifies as MFA? 

Multi-factor authentication requires users to provide two or more pieces of evidence in order to gain access to a network, system or application. These pieces of information fall into three categories: something you know (such as a password or PIN), something you have (such as a fob or mobile device), and something on your body (such as a fingerprint or facial scan). To constitute MFA, users should be asked to provide a combination of these categories.  

A Few Important Statistics: 

  • In 2020, 61% of security breaches involved stolen credentials, meaning bad actors accessed passwords or other information needed to gain entry into a company’s data. Passwords are critical, but more must be done. 
  • In the U.S., the average cost of a data breach is around $8.9 million. This is meaningful context when considering the cost of implementing an MFA solution – it may seem like an extra expense, but the alternative has a much higher risk. 
  • The average time it takes for an organization to detect a breach is 280 days. Within this timeframe, extensive damage can already have been inflicted before the organization even realizes.  

Security breaches can be devastating to businesses, from financial costs to the repercussions of eroded stakeholder confidence and brand reputation. As hackers grow in sophistication, their operations have become entire criminal enterprises with efficiency and scale. One Black Hat Hacker Survey found: 

  • Sixty eight percent of hackers say MFA and encryption are their biggest obstacles, making it the most effective way to fight their attacks. 
  • Traditional security perimeters are irrelevant and obsolete, according to 73% of hackers. 

Considering the growing emphasis on regulatory requirements for personally identifiable information (PII), most organizations now must comply with at least one regulatory mandate associated with their business. MFA is required in legislation such as PCI for payment processing, HIPAA in the healthcare sector, GDPR in the EU, and likely will continue to grow in prevalence.  

Fully Integrated MFA Strengthens the Weakest Link 

Many organizations have “over the top” MFA, meaning multiple factors are required to access the network, but not specific systems and applications. Organizations that use IBM i and IBM Z have critical business data stored in these systems and should be securing them specifically. While mainframe systems are some of the most secure, it is still important to add this layer of protection since so many users have access to the critical data on them. 

For instance, if someone hacks into an organization’s network, they can steal static passwords and access downstream applications. This is because with only network MFA, once the network trusts the user, it trusts the whole system they are running the IBM i or Z from. If their device has been infiltrated by malware, that is trusted as well. As the saying goes, the system is only as strong as the weakest link. 

Implementing MFA on the mainframe in addition to network MFA can ensure companies avoid expensive fines and breaches. These MFA solutions should be able to communicate with each other for the most streamlined and secure process. Rocket’s MFA solutions provide web service APIs that allow secure and simple integration with MFA server functionality. The solution can integrate with terminal emulators and other application environments within the IBM i or Z system.  

Get Guidance from Experts 

If implementing MFA seems complicated, don’t worry. Rocket experts were instrumental in developing MFA solutions for IBM mainframe systems and are here to help. With our deep knowledge and understanding of the challenges that come along with MFA and mainframe integration, we help organizations be proactive when it comes to cybersecurity on the mainframe. 

This Cybersecurity Awareness Month, find the system-specific security solution that fits your needs. We are eager to hear about the challenges impacting your business to make the process easy and keep your business protected. Watch the webinar and find more information here. 

 

Coreen Wilson 2 Posts

I have spent close to 10 years becoming a subject matter expert on the top cybersecurity frameworks during an era of breaches, malware and ransomware promoting the importance of cybersecurity to the C-suite. For the past two I have been championing the transformative mainframe through innovative technology like OSS/Zowe, AI/ML and data virtualization for Z Systems at Rocket Software.

0 Comments

Leave a Comment

Your email address will not be published. Required fields are marked *