What multifactor authentication can do for your business

IBM Z® Multi-Factor Authentication (IBM Z MFA) is software that secures user logins to z/OS®, z/VM® and Linux® on Z through multifactor authentication.

Mainframe systems are the foundation of trusted digital experiences for most of the world’s largest companies and organizations. However, passwords protecting critical users, data and applications are a relatively simple point of attack for hackers to exploit because the passwords rely on user education and compliance for both implementation and control. By using a variety of methods, such as social engineering and phishing, criminals have exploited employees, partners and general users to hack into even the most secure platforms.

IBM Z MFA raises the level of assurance of your mission-critical systems with expanded authentication capabilities and options for a comprehensive, user-centered strategy that helps mitigate the risk of compromised passwords and system hacks. Our designers are also IBM Z MFA users. Across every new version, we incorporate their growing knowledge and expertise of real-world mainframe security scenarios.

Features

• Latest IBM Z Multi-Factor Authentication features (version 2.3) - Single sign-on support for tokens issued by external OIDC-compliant identity providers - User-driven password fallback voting - Remote CTC checking - Search Before Bind user provisioning for LDAP authentication - In-memory storage of IBM Z MFA-issued CTCs
• Latest IBM Z Multi-Factor Authentication features (version 2.2) - Pluggable authentication modules - Configuration of multiple instances of select MFA factors - Addition of a “Console Modify” command - Documentation and formal support for customer use of policy authentication - MFA configuration option to request that browser clients receiving cache token credentials mask the display of such credentials - Support for RSA SecurID authentication - Web-based ESM password reset feature

Benefits

• **Enhance login security: **Require multiple authentication factors to protect accounts and reduce risk for critical applications and data. Remain protected even if one of the factors is discovered.
• **Ease regulatory compliance: **Address regulatory and industry requirements for strong user authentication and audit support, including PCI-DSS, NIST, GDPR and PSD2, plus emerging mandates such as CCPA in California and LGPD in Brazil.
• **Centralize and simplify management: **Centralize factor information in RACF to simplify control, accelerate factor deployment and improve administrative efficiency.