Who knows more about protecting zSystems than zSystems people? Join your zSystems Security Community now!

What Multi-factor Authentication can do for your business

Mainframe systems are the foundation of trusted digital experiences for most of the world’s largest companies and organizations. However, passwords protecting critical users, data and applications are a relatively simple point of attack for hackers to exploit because passwords rely on user education and compliance for both implementation and control. Using a variety of methods such as social engineering and phishing, criminals have exploited employees, partners, and general users to hack into even the most secure platforms.

IBM Z Multi-Factor Authentication (IBM Z MFA) raises the level of assurance of your mission-critical systems with expanded authentication capabilities and options for a comprehensive, user-centered strategy to help mitigate the risk of compromised passwords and system hacks. Our designers are also IBM Z MFA users. Across every new version, we incorporate their growing knowledge and expertise of real-world mainframe security scenarios.

Enhance logon security

Require multiple authentication factors to protect accounts and reduce risk for critical applications and data—even if one of the factors is discovered.

Ease regulatory compliance

Address regulatory and industry requirements for strong user authentication and audit support, including PCI-DSS, NIST, GDPR, PSD2 and emerging mandates such as CCPA in California and LGPD in Brazil.

Centralize and simplify management

Centralize factor information in RACF to simplify control, accelerate factor deployment and improve administrative efficiency.

Latest IBM Z Multi-Factor Authentication features (v2.2)

  • Pluggable authentication modules
  • Configure multiple instances of select MFA factors
  • Addition of a “Console Modify” command
  • Documentation and formal support for customer use of policy authentication
  • MFA configuration option to request browser clients receiving cache token credentials mask the display of such credentials
  • Support for RSA SecurID authentication
  • Web-based ESM password reset feature

Additional IBM Z Multi-Factor Authentication features (v2.1)

  • Expanded across z/VM operating systems (new in 2.1)
  • Supports production of secure credentials within and beyond the boundary of a Sysplex cluster where the credential was generated (new in 2.1)
  • Extensions for RACF, ACF2 and TopSecret with auditing and provisioning
  • Centralized RACF, ACF2 and TopSecret database support
  • RADIUS support: RSA, Gemalto and generic
  • IBM ISAM integration
  • IBM CIV integration
  • Native Yubico support
  • IBM TouchToken and generic TOTP
  • Certificate-based authentication, PIV, CAC card support
  • Compound authentication
  • Fault tolerance and application exemption

Next steps for IBM Z Multi-Factor Authentication

Let’s talk

Contact an IBM representative for answers to your IBM Z Multi-Factor Authentication questions and pricing information.

Contact us now

IBM Z MFA details

See how IBM Z Multi-Factor Authentication enhances authentication modes and support to strengthen your enterprise security.

See details

Try it out

You can use IBM Z Multi-Factor Authentication in production and non-production environments to see all it can do for you —before you buy. (Link resides outside ibm.com)

Try IBM Z MFA now

Expert resources to help you succeed

Community

Get technical tips and insights from others who use IBM Z Multi-Factor Authentication.

Product documentation

Find answers quickly in IBM product documentation.