Security is an ever-evolving issue for mainframe organizations. Challenges include new regulations, increased attacks and breaches, and ensuring appropriate employee access. So, keeping core systems secure, even those buried deep within the organization, is not easy.
However, recent sensitive data breaches prove that additional security measures must be a priority. This post offers valuable information about secure mainframe access and how to achieve it.
Drivers for change
Respondents to the most recent BMC Mainframe survey show us that mainframe organizations are shifting their priorities. In the past, 52 percent focused on cost. Now, 63 percent say their focus is on security. Why? Because though mainframes are considered secure, the risk of breach is increasing, and along with it the need for regulatory compliance.
New regulations, including the Payment Card Industry Data Security Standard (PCI DSS), Homeland Security Presidential Directive 12 (HSPD-12), and the General Data Protection Regulation (GDPR), require organizations to ensure sensitive data, such as personally identifiable information, remains secure. And much of that data lives on the mainframe.
The right controls can prevent a breach. As recent attacks have shown, attackers continue to use traditional methods such as credential cracking, where attackers use brute force (trial and error to guess login info), and a new phenomenon called credential stuffing. Attackers use stolen usernames to gain unauthorized access to accounts through automated login requests. It’s accomplished byusing standard web automation tools to automate the logins for those large numbers of stolen credentials.
A recent dark web audit revealed 15 billion stolen logins from 100,000 breaches are available to cybercrime actors. Complacency is not an option.
Multi-factor authentication (MFA)
The solution is multi-factor authentication, or MFA. MFA is an authentication method in which a user is granted access only after successfully presenting two or more pieces of evidence (or factors) of their identity. MFA demands more than a single, “crackable” password. Microsoft observes that MFA can block 99.9% of attacks by requiring two or more authentication factors. These can be passwords, hardware tokens, numerical codes, biometrics, and location. MFA greatly increases security by providing an extra barrier and layer of security that makes it incredibly difficult for attackers to penetrate. And, crucially, MFA is compatible with the mainframe.
Micro Focus MFA Solutions for the mainframe
Micro Focus Advanced Authentication framework strengthens the level of authentication (with two-factor or multi-factor authentication) necessary to meet regulatory, industry, and client requirements. Micro Focus multi-factor advanced authentication can provide MFA through the organization, while the AA Connector for z/OS extends it to the mainframe, ensuring MFA protection for every IBM z/OS endpoint.
MSS enables centrally managed, secure terminal emulation, while the advanced authentication add-on leverages the same level of MFA to authorize access to valuable host systems. This ensures that only individuals who have proven their identity can access host systems.
The mainframe environment is a vital cog in the organizational wheel. Protecting its data, applications and user access is critical for all organizations. A trusted partner of the mainframe community Micro Focus solutions can secure your mainframe, ensure your organization complies with regulations, and avoid breaches. In short, we’re working to ensure your mainframe remains protected and connected.
We’ll be continuing the discussion on the topic of mainframe access and security at the 2021 Micro Focus Universe event. Register now and join us at the AMC track.
- View the on-demand webinar: Tech Tips: Extend Enterprise Security to the Mainframe
- Check out this blog: Tightening Mainframe Access and Security
Read this article: Is a robot a threat to your mainframe?