For demonstrating compliance in an audit it can be necessary to show that changes that have been made to security rules are the result of approved change requests. New function recently released in the service stream for IBM Security zSecure 2.3.1 helps provide assurance via a simplified view based on a log of all RACF commands annotated with change ticket request numbers and descriptions. This functionality also makes it easier to redeploy changes to additional systems. For details, you can refer to this technical article.
As we have described the situation that many of our customers are in today, and our proposal for a better future state, we come to realize that for many, this transition is a journey, and a single big bang transition is not practical for many. This blog entry will outline an approach to start such […]
This article demonstrates how to configure a pre-token mapping rule for MMFA in ISAM which can prevent authenticator registration when certain undesirable conditions are detected. For example: Unsupported app or OS version The device is jailbroken Enforce users to register with a customer authenticator app Below are the registration attributes included in the request payload […]
One-time passwords (OTP) are widely used as a 2nd factor to add an additional layer of security to your account’s login. IBM Verify and the SDK support the generation of time-based (TOTP) and hash-based one-time passwords (HOTP) for SHA1, SHA256 and SHA512. Despite that its configuration is considered as “easy”, it can be time-consuming to […]