Presentation is loading. Please wait.

Presentation is loading. Please wait.

Multi Factor Authentication for Z

Published byRandall Strickland Modified over 9 years ago

Similar presentations

Presentation on theme: "Multi Factor Authentication for Z"— Presentation transcript:

1 Multi Factor Authentication for Z
Steven Ringelberg Vanguard Integrity Professionals go2vanguard.com

2 About Vanguard Founded: 1986 Business: Cybersecurity Experts for Large Enterprises Software, Professional Services, and Training Customers: 1,000+ Worldwide Over 20 distributors/resellers serving 50+ countries worldwide 3

3 Data Breaches Number of breaches and outside attacks increasing
Continuing problem of insiders - malicious or by accident 4

4 “Target was certified as meeting the standard for payment card industry (PCI DSS) in September Nonetheless, we suffered a data breach…” now ex-chairman, ex-president, and ex-CEO of Target Corporation, Gregg Steinhafel ( 6

5 Logica and Nordea Bank Mainframe
Data Breaches Logica and Nordea Bank Mainframe breached in April 2013 7

6 Data Breaches Others: Home Depot Staples Anthem Health Insurance 7

7 Data Breaches: Two Themes
Mandiant: Data Breach Report 100% of breaches examined included an exploitation of a user id and password that was compromised. 7

8 An Industry full of often confused terms
Multi Factor Authentication An Industry full of often confused terms Multi-Factor Authentication is a method of requiring factors from the following three categories; Knowledge Factors Possession Factors Inherence Factors

9 Multi Factor Authentication
Two-Factor Authentication Two-Step Verification Strong Authentication

10 Multi Factor Authentication
Knowledge Factors Password PIN Number Mothers Maiden Name Favorite Potato Chip

11 Multi Factor Authentication
Possession Factors Disconnected (RSA, ActivID, etc) Sequence-Based Tokens – Singular button, multiple depresses Time-Based Tokens – Change Every ‘x’ Seconds typically Challenge-Based Tokens – Small keypad to enter challenge code Mobile Phones Soft Token SMS one-time password

12 Multi Factor Authentication
Possession Factors Connected Magnetic Strip – ATM Card, etc Contacts – SmartCard, EMV Credit Cards, USB – zPDT Key, RSA SecureID800, Wireless – RFID, Bluetooth, Proximity Other – Audio Port, iButtons, etc

13 Multi Factor Authentication
Possession Factors Connected Magnetic Strip – ATM Card, etc Contacts – SmartCard, EMV Credit Cards, USB – zPDT Key, RSA SecureID800, Wireless – RFID, Bluetooth, Proximity Other – Audio Port, iButtons, etc

14 Inherence Factors Fingerprint Hand Topography Eye (Iris)
Multi Factor Authentication Inherence Factors Fingerprint Hand Topography Eye (Iris)

15 Multi Factor Authentication
Exposure Issues Phishing/Man-In-The-Middle Malware Session Hijacking Lost/Stolen

16 Exposure Issues Multi Factor Authentication
Coding Flaws – Exposures in the Code of the applications, protocols, or other Example: Attackers Exploit the Heartbleed OpenSSL Vulnerability to Circumvent Multi-factor Authentication on VPNs

17 US based Regulation and Guidance
Multi Factor Authentication US based Regulation and Guidance NIST FIPS 201/HSPD-12 HIPPA NERC CIP NIST SP PCI DSS FFIEC

18 Vendors – Multi Factor and Z
Vanguard Integrity Professionals. Physical Tokens – Vanguard ez/Token “soft” Tokens – Vanguard Tokenless “Smart Cards” a/k/a “PIV Cards” a/k/a “CAC Cards” 33

19 Vanguard Software Services Training
We provide you with the analytical tools that allows you to do an in-depth audit of your z/OS systems against multiple standards Provides detailed explanation, risk analysis, user action to correct Services We will execute z/OS system audits against multiple standards We will also remediate Training We will train you how to audit z/OS systems against multiple standards We will also train you to remediate 33

20 Questions? 35

21 Call 800-794-0014 or email us at info@go2vanguard.com
For more information Call or us at Thai Thank You English Arabic Gracias Spanish Obrigado Brazilian Portuguese Danke Grazie Korean German Italian Simplified Chinese Russian Merci French Japanese Traditional Chinese Hindi 37

Download ppt "Multi Factor Authentication for Z"

Similar presentations

© 2006 IBM Corporation SOA on your terms and our expertise Software WebSphere Process Integration 6.0.2 STEW 5.2 P – How to run the End 2 End Demo.

© 2006 IBM Corporation SOA on your terms and our expertise Software WebSphere Process Integration STEW 5.2 P – How to run the End 2 End Demo.
Almaden Services Research Almaden Research Center, San Jose, CA 20 April 2006 Multifaceted approach to ontologizing the ONTOLOG content Rooted in pragmatism,

Almaden Services Research Almaden Research Center, San Jose, CA 20 April 2006 Multifaceted approach to ontologizing the ONTOLOG content Rooted in pragmatism,
PRESENTED BY: FATIMA ALSALEH Credit Cards Fraud - skimmers -

PRESENTED BY: FATIMA ALSALEH Credit Cards Fraud - skimmers -
Lecture 6 User Authentication (cont)

Lecture 6 User Authentication (cont)
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Translation Strategy and Roadmap CCNA Discovery CCNA Exploration ITE:

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Translation Strategy and Roadmap CCNA Discovery CCNA Exploration ITE:
EToken PRO Anywhere. Agenda  eToken PRO Anywhere Overview  Market background and target markets  Identifying the opportunity  Implementation and Pricing.

EToken PRO Anywhere. Agenda  eToken PRO Anywhere Overview  Market background and target markets  Identifying the opportunity  Implementation and Pricing.
7 Effective Habits when using the Internet Philip O’Kane 1.

7 Effective Habits when using the Internet Philip O’Kane 1.
Information Security Confidential Two-Factor Authentication Solution Overview Shawn Fulton January 15th, 2015.

Information Security Confidential Two-Factor Authentication Solution Overview Shawn Fulton January 15th, 2015.
A Presentation for the Enterprise Architect © 2008 IBM Corporation IBM Technology Day - SOA SOA Governance Miroslav Petrek IT Software Architect

A Presentation for the Enterprise Architect © 2008 IBM Corporation IBM Technology Day - SOA SOA Governance Miroslav Petrek IT Software Architect
FIT3105 Smart card based authentication and identity management Lecture 4.

FIT3105 Smart card based authentication and identity management Lecture 4.
Securing Data Storage Protecting Data at Rest Advanced Systems Group Dell Computer Asia Ltd.

Securing Data Storage Protecting Data at Rest Advanced Systems Group Dell Computer Asia Ltd.
Your Interactive Guide to the Digital World Discovering Computers 2012.

Your Interactive Guide to the Digital World Discovering Computers 2012.
Smart Card Deployment David Gautrey IT Manager – Microsoft New Zealaand Microsoft Corporation.

Smart Card Deployment David Gautrey IT Manager – Microsoft New Zealaand Microsoft Corporation.
CMSC 414 Computer and Network Security Lecture 11 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 11 Jonathan Katz.
Certificate and Key Storage Tokens and Software

Certificate and Key Storage Tokens and Software
The Office of Information Technology Two-Factor Authentication.

The Office of Information Technology Two-Factor Authentication.
Cybercrime Outlook on African banks Adwo Heintjes Global Head IT Audit & Ops Rabobank.

Cybercrime Outlook on African banks Adwo Heintjes Global Head IT Audit & Ops Rabobank.
Large-Scale, Cost-Effective, Progressive Authentication and Identify Management Solutions Enabling Security, Efficiency and Collaboration through Technology.

Large-Scale, Cost-Effective, Progressive Authentication and Identify Management Solutions Enabling Security, Efficiency and Collaboration through Technology.
OV 11 - 1 Copyright © 2011 Element K Content LLC. All rights reserved. System Security  Computer Security Basics  System Security Tools  Authentication.

OV Copyright © 2011 Element K Content LLC. All rights reserved. System Security  Computer Security Basics  System Security Tools  Authentication.
By: Piyumi Peiris 11 EDO. Swipe cards are a common type of security device used by many people. They are usually a business-card-sized plastic card with.

By: Piyumi Peiris 11 EDO. Swipe cards are a common type of security device used by many people. They are usually a business-card-sized plastic card with.

Similar presentations

Ads by Google