Idea ID: 2875075

NAM Admin Console access missing basic security controls of Multi-Factor authentication for itself

Elfstone Elfstone
Status : New Idea

While NAM allows for MFA within the end-user experience for reverse proxied websites as well as SAML/OAuth federations, the very administrative interface of NAM offers nothing but simple username + password.

For a security company, Micro Focus / NetIQ shouldn't be creating security-focused solutions such as NAM without the most obvious and basic requirement of MFA on any and all administrative interfaces.

This lack of multi-factor authentication on a mission-critical tool's administrative interface is not only an audit compliance problem for customers, but also a very real security vulnerability.

Resources

Support
Documentation
Learning Services
CyberRes Academy
Partner Programs
Contact us
Compliance
Help
Company
Privacy Policy
Terms of Use
Accessibility
Anti-Slavery Statement
Support
Contact Us
Careers
Code of Conduct
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.