As was highlighted in my blog on cyber insurance, insurers see old-fashioned authentication of a simple username and password as an inadequate safeguard for today’s threats. Companies seeking insurance need to implement more modern and stronger forms of authentication like multi-factor authentication (MFA) to qualify for a policy. As it says in this article, Multi-Factor Authentication: A Key to Cyber Risk Insurance Coverage, “Even if a business has met all other requirements, it will have difficulty obtaining insurance if they haven’t deployed MFA.”
This is timely information, given the start of October’s Cybersecurity Awareness Month (CSAM), sponsored by the National Cyber Security Alliance (NCSA). The NCSA urges organizations to focus on four key behaviors to keep data safe, one of which is multi-factor authentication.
So let’s dive deeper into MFA.
What is MFA?
MFA is an authentication strategy that relies on two or more pieces of evidence to gain access to a network, application, or system, and can dramatically decrease the likelihood of infiltration. The factors are:
- Something the user knows: it could be a password, PIN, or pattern.
- Something the user has: it could be a security token, smartphone, or keycard.
- Something the user is: it could be a fingerprint, iris scan, or voiceprint.
MFA is critical because the email address/password combination has been thoroughly compromised by hackers and no longer provides strong protection from account breaches. Since so many of us reuse the same (often weak) passwords across multiple accounts, when one account is compromised on a website with weak security (for instance, on an online forum), hackers will quickly use that username/password combination to try to compromise other, more sensitive accounts such as email, bank, and e-commerce.
Layers of Defense are Critical
Many organizations have settled for “over the top” MFA. In this practice, MFA is required to access the enterprise network, but not its systems and applications, where organizations’ most critical data is often stored. Even for companies that operate on mainframes – which are some of the most secure IT infrastructure on the market – incorporating MFA into every layer is critical (think “Zero Trust”).
An example of why layers of strong authentication are necessary was revealed by Cisco Systems in August. Cisco reported a cyberattack they attribute to the Lapsus$ ransomware group. The attackers gained access to Cisco domain controllers through stolen employee credentials after hijacking an employee’s personal Google account. With credentials in their possession, the attackers then used a multitude of techniques to bypass the MFA tied to the VPN client. When the MFA spoofing attacks against the Cisco employee were ultimately successful, the attackers were able to run the VPN software as the targeted Cisco employee. They then escalated to administrative privileges, allowing them to log in to multiple systems.
MFA for Mainframe Security
By implementing MFA on the mainframe in addition to the network, enterprises can better protect themselves from breaches and their far-reaching fallout. The Micro Focus Advanced Authentication (AA) Connector for z/OS integrates directly with the NetIQ Advanced Authentication server to provide a single framework for adding the MFA required to meet your needs across the enterprise. Micro Focus can further enhance your security posture through the integrated risk engine, which evaluates additional vectors and increases the authentication requirements in real time when necessary.
If the Cisco story tells us anything, it is that any company can be breached, and oftentimes it is through the simplest of breach methods like stolen credentials. That’s one of the reasons insurers are demanding MFA everywhere. NetIQ Access Management can provide a strong foundation for secure access. Layers of MFA, including for mainframe access, can help you protect your critical assets while keeping friction to a minimum.