As I like to say, “IBM i runs the world.” The major industries such as Financials, Manufacturing, Distribution, Trucking, Healthcare, and Insurance all run their core business functions on IBM i. They do this because it is the most reliable, available, and secure platform. If all the IBM i data disappeared, I’m not sure what would happen. I know it wouldn’t be good.
#1 Data Protection
Data is your company’s most critical asset, and protecting your data should be on the top of your list. Ransomware attacks continue to rise worldwide, making data protection the most crucial area companies should focus on today. Companies spend lots of money to ensure their IBM i systems are reliable and available, but sometimes they neglect the security because they believe it’s secure out of the box. A false sense of security has been the cause of successful ransomware attacks on IBM i.
Compromised credentials continue to be a leading cause of data breaches, followed by misconfigured software settings and third-party software vulnerabilities. When Steve Pitcher does a penetration test, he looks for users with default passwords. That is often the foot in the door he needs to be able to exploit the vulnerability of a system. If compromised credentials are part of the problem, then this is where we need a solution.
What is Multi-Factor Authentication (MFA)
Multi-Factor Authentication (MFA) can help prevent bad actors from accessing your sensitive data even if they can compromise the credentials of one of your IBM i users. MFA isn’t a new concept. We’ve all logged into an application and have had to enter a code we receive in our email or cell phones. In some cases, you may even have a physical token you need to use to access data. While we see companies have adopted MFA for some of their environments, many have not implemented it on IBM i.
The basic premise of MFA is that you sign on with something you know, have, or are. Your password and user ID is typically the thing you know. It’s also the easiest thing for someone else to know. Something you have is typically your email or your phone. The assumption is that someone else doesn’t have access to your password, email, or phone. Something you are refers to biometrics, such as your fingerprint or facial recognition. This added layer of protection is meant to stop someone …