iSecurity Multi-Factor Authentication is an easy-to-configure IBM i solution that provides enhanced MFA user verification for IBM i system and data access. iSecurity MFA greatly increases system security. It also helps satisfy governmental, industry, regulatory, and insurance industry standards for advanced security and stricter internal controls.
Click here to to learn more about iSecurity MFA or continue reading to discover more about this critical IBM i product.
What is multi-factor authentication?
Multi-factor authentication is a user authentication method that requires the user to provide two or more authentication factors before they can access IBM i servers and data. Authentication factors provide hard-to-duplicate evidence of the user’s identity and they fall into three categories (figure 1):
- Knowledge: Something you know, such as a user profile password or the answer to a security question.
- Possession: Something you have, such as a digital token, cell phone or an RSA SecurID device.
- Inherence: Something you are, such as your fingerprints or facial features that are “read” by a scanning device or a camera.
Figure 1: : MFA requires users to provide two or more authorization factors from these categories before allowing access
iSecurity MFA: Easy-to-USE IBM i Multi-Factor Authentication
Using iSecurity MFA from SEA, multi-factor authentication is requested as part of a user’s initial IBM i sign in. iSecurity MFA user verification is satisfied by two verification factors:
- A standard IBM i user profile & password
- A Time-based One-Time Password (TOTP) or a TOTP token
Figure 2: MFA is implemented directly from the user’s initial IBM i login program
Verification covers all of a user ID or Person’s activities from the same IP address for a specified amount of time (ex., 30 minutes, 2 hours, etc.).
A Person can be defined as several different user profiles on the same or different IBM i servers. Once verification is achieved, all activities on their designated servers are covered until their verification period expires (no additional MFA verification needed).
iSecurity MFA can be configured to serve several different IBM i servers from a single i host server, centralizing MFA control and monitoring. MFA runs on a pure IBM i standard where all iSecurity MFA services are run in the IBM i environment. No additional Windows or Linux are necessary. Everything runs on IBM i.
Figure 3: One centralized iSecurity MFA server can provide MFA services for several different IBM i servers
iSecurity MFA can be implemented for many different IBM i-based servers, including:
- Initial IBM i login program
- FTP Server
- REXEC
- FTP Client
- ODBC
- File Server
- Remote PGM/CMD
- DDM/DRDA
iSecurity MFA works with most authenticator apps on the market, including Microsoft Authenticator and Google Authenticator.
Learn more about iSecurity MFA
iSecurity MFA is an easy-to-use IBM i MFA product that covers all of your security needs and runs from entirely within your IBM i environment. It greatly improves IBM i security and helps you meet compliance and insurance requirements.
Now find out more about using iSecurity MFA to meet your multi-factor authentication needs. Click here to learn more about iSecurity MFA and get a demonstration. iSecurity MFA is the only IBM i MFA solution you’ll ever need.
