In 2018, organizations that trust passwords alone to manage access to their critical business information are like Cro-Magnon hunters protecting their tribe with a stone ax. While it’s a simple and comparatively easy solution to implement, it isn’t a viable approach in an increasingly competitive digital business environment. It also doesn’t provide enough protection to combat real risks that exist today.

Certainly, passwords are tough to beat when it comes to a cheap, fast and convenient way to deliver authentication. In today’s threat landscape, however, passwords alone represent a dangerous and dated solution. They’re easily guessed, bypassed, stolen and even sold — and they don’t meet modern security needs.

Multifactor Authentication: Mainframe Security Concerns Come Into Focus

Smart companies — especially ones that deploy large-scale systems based on mainframes — are finding ways to manage access to their data and infrastructure safely. Regardless of their industry vertical or geographic location, organizations are increasingly focused on a common concern: cybersecurity.

Cyberthreats subject companies to risk that can damage customer and partner relationships, not to mention brand reputation, lost revenue and fines. The threats will continue to rise in variety and volume as businesses embrace digital transformation (and attackers become more sophisticated).

A recent survey by the IBM Institute for Business Value found that 94 percent of C-suite executives expect their company to have a significant cybersecurity incident in the next two years — and less than 20 percent have a high level of confidence in their preparedness to combat these threats.

Protecting Mainframe Data in the Post-Password Era

Multifactor authentication (MFA) is a powerful solution that organizations can use today to restrict access to sensitive information. While variations of MFA have been available for several years to manage access to phones, laptops and tablets, this capability has only recently been an option for mainframes. Since tremendous amounts of valuable data and proprietary IP are typically stored and managed on mainframes, MFA now makes it much easier to control access to mission-critical information.

MFA is an umbrella term for an approach that forces users to identify themselves with something they:

  • Know, such as a password or PIN;
  • Have, such as a cell phone or key fob; and
  • Are, such as a fingerprint, voice print or iris scan.

Organizations across industries are implementing MFA to provide additional layers of access security and make the bad guys work a lot harder. The result delivers on the primary objective: Make access easier for people who are authorized and more difficult for attackers.

The Rise of Multifactor Authentication Means Passwords Are Ancient History

In recent years, more and more companies are turning to MFA solutions to address their security and compliance concerns. In 2015, 66 percent of organizations were using MFA in some capacity, according to SecureAuth. In 2016, that number jumped to an impressive 93 percent. In 2017, more than 30 percent of organizations were looking to expand or implement MFA over the next 12 months.

To meet this demand, IBM MFA for z/OS enables verification of all users, including employees, contractors, outsourced IT, partners and customers — basically anyone who logs into your existing enterprise security management (ESM) solution.

If you are looking to provide the next level of secure access to your organization’s critical data, put down the stone ax, step out of the cave and stop using your password.

Learn more about IBM Multi-Factor Authentication for z/OS

More from Identity & Access

Cybersecurity in the Next-Generation Space Age, Pt. 3: Securing the New Space

View Part 1, Introduction to New Space, and Part 2, Cybersecurity Threats in New Space, in this series. As we see in the previous article of this series discussing the cybersecurity threats in the New Space, space technology is advancing at an unprecedented rate — with new technologies being launched into orbit at an increasingly rapid pace. The need to ensure the security and safety of these technologies has never been more pressing. So, let’s discover a range of measures…

Backdoor Deployment and Ransomware: Top Threats Identified in X-Force Threat Intelligence Index 2023

Deployment of backdoors was the number one action on objective taken by threat actors last year, according to the 2023 IBM Security X-Force Threat Intelligence Index — a comprehensive analysis of our research data collected throughout the year. Backdoor access is now among the hottest commodities on the dark web and can sell for thousands of dollars, compared to credit card data — which can go for as low as $10. On the dark web — a veritable eBay for…

Kronos Malware Reemerges with Increased Functionality

The Evolution of Kronos Malware The Kronos malware is believed to have originated from the leaked source code of the Zeus malware, which was sold on the Russian underground in 2011. Kronos continued to evolve and a new variant of Kronos emerged in 2014 and was reportedly sold on the darknet for approximately $7,000. Kronos is typically used to download other malware and has historically been used by threat actors to deliver different types of malware to victims. After remaining…

An IBM Hacker Breaks Down High-Profile Attacks

On September 19, 2022, an 18-year-old cyberattacker known as "teapotuberhacker" (aka TeaPot) allegedly breached the Slack messages of game developer Rockstar Games. Using this access, they pilfered over 90 videos of the upcoming Grand Theft Auto VI game. They then posted those videos on the fan website GTAForums.com. Gamers got an unsanctioned sneak peek of game footage, characters, plot points and other critical details. It was a game developer's worst nightmare. In addition, the malicious actor claimed responsibility for a…