Multi-factor authentication software for IBM i
Simple access authentication for servers inside and outside your firewall
IBM i (System i, iSeries, AS/400)
Comply with Security Standards, Including PCI DSS
The latest version of the Payment Card Industry Data Security Standard requires multi-factor authentication (MFA) for all administrator access into the cardholder data environment (CDE), even from within a trusted network. MFA also simplifies compliance with mandates concerned with data privacy, like HIPAA and GDPR. Access Authenticator allows you to implement MFA across your environment, including systems like IBM i. Robust auditing and reporting capabilities make it easy to prove compliance.
Enforce Risk-Driven Security Policies
Passwords alone aren’t enough for modern threats. Today’s attackers are adept at stealing login credentials, and 50 percent of users reuse passwords. With more employees working and logging into networks remotely, what organization can tolerate this level of risk? Access Authenticator adds an additional layer of security on top of your existing access protection controls, drastically reducing the amount of damage compromised passwords can cause.
Protect Access from Any Device and Location
End users are accessing your systems from their smartphones, home offices, and the corner office down the hall. No matter what device they’re using, Access Authenticator provides the assurance that users are who they say they are. And with multiple ways to verify user identities, the authentication process has the flexibility and reliability your users expect.
Simplify Identity and Access Management
Managing your users’ identities and their access to organizational resources is challenging but necessary. Access Authenticator is an MFA solution that makes the process simpler and more manageable. End users can quickly and easily confirm their identities before gaining the right level of access to the data and applications they need to do their jobs. Administration is centralized, so adding and removing users is easy and efficient. The end result is a more secure system with less burden on your IT teams, enabling you to deploy multi-factor authentication across your organization.
Comprehensive Authentication Manager
Access Authenticator is administered from the HelpSystems Insite web interface. The authentication manager is a powerful tool that makes it easy to configure multi-factor authentication to meet your organization’s needs.
From here, you can import users from Active Directory, invite users to the self-service portal, and activate or deactivate multi-factor authentication for users and groups. Users can also be disabled without removing them from the database altogether.
Intuitive User Portal
The self-service portal allows users to complete the Access Authenticator registration process. This easy-to-use portal is also where users maintain their authentication credentials and update their options.
In compliance with PCI DSS 8.2.2, which requires users to verify their identities before modifying any authentication credentials, users must verify their usernames and passwords before making changes to their accounts.
The user portal also allows users to activate the mobile app, which provides additional methods of authentication.
Multiple Authentication Methods
Access Authenticator allows administrators to select from several different methods of authentication for your users’ convenience and to meet your organization’s security requirements including:
- YubiKey integration
- One-time password generation
- Push notifications
- Biometric fingerprint scanning
Complete Audit Trail
Audit and report on authentication attempts, user maintenance activity (user registrations, mobile app registrations, one-time password updates), and user information (disabled users, users who haven’t completed registration). Administrators can enable or disable all types of auditing and determine how long to retain data.
Access Authenticator’s administration is centralized to simplify deployment and minimize the burden on IT. The authentication manager can be configured to automatically disable both inactive users and profiles where a hack attack is suspected. Administrators can also manage groups of users, rather than just individuals.
No Custom Coding Required
Access Authenticator is built to support the IBM i (AS/400, iSeries) platform and its unique features. Eliminating the need for custom coding enhances efficiency and security, and assures you that your multi-factor authentication solution will meet your organization’s compliance requirements.
Users have the ability to authenticate 24/7. If the authentication manager is unavailable for some reason, such as scheduled maintenance or a hardware fault, an alternative authentication manager will be available to process users’ authentication attempts.
Comply with Security Standards and Regulations
Implementing Multi-Factor Authentication to Comply with PCI DSS, HIPAA, and Other Mandates
With security threats on the rise, governments and industry groups are ramping up their efforts to prevent data breaches. Passwords alone have proven to be ineffective. Multi-factor authentication is a simple way to overcome the vulnerabilities associated with passwords.
By requiring two or more different credentials to authorize access to mission-critical data and applications, you drastically reduce the risk that a single bad password could lead to thousands of sensitive records being exposed.
That is the logic behind PCI DSS requiring MFA. While past versions of this data security standard required multiple authentication factors for remote access, the latest version also requires MFA for local administrative access to the cardholder data environment. This means all administrators accessing that data will always need to use MFA.
Access Authenticator was designed to help organizations of all sizes meet their compliance requirements and enhance their security posture. Because Access Authenticator is easy to use and offers several different authentication methods, users can quickly incorporate MFA into their regular routines. Centralized administration allows IT to efficiently deploy Access Authenticator across groups of users or even entire organizations.
Access Authenticator can also help you meet security mandates that don’t explicitly call for multi-factor authentication. In the U.S., HIPAA doesn’t mention multi-factor or even dual-factor authentication, but it does require access management and control. Under many circumstances, a single authentication factor is simply insufficient to meet HIPAA’s standards. Multi-factor authentication is the simplest and most secure approach to access management, especially where users are accessing protected health information remotely or outside a trusted network.
GDPR—the EU’s General Data Protection Regulation—is another cybersecurity law that doesn’t specifically require multi-factor authentication or two-factor authentication. But it does require organizations “ensure a level of security appropriate to the risk,” and the penalties for non-compliance can reach € 20 million or four percent of global turnover.
Implementing a multi-factor authentication solution like Access Authenticator is a simple way to comply with the law, minimize the risk of a data breach, and avoid the fines for non-compliance.
Secure User Authentication Simplified
Passwords alone aren’t enough to protect your systems from modern threats, but passwords are still instrumental to identity and access management. Today’s user authentication best practices call for a strong password policy backed up by multi-factor authentication, but it doesn't have to be a drain on your IT staff.
On IBM i (AS/400, System i), there’s no better combination than Access Authenticator and Password Self Help, the self-service password reset tool for IBM i users, for secure yet simple access management.
Password Self Help enhances your system security by allowing administrators to set a strong password policy that includes rules for password length, repetition of characters, and case sensitivity. When a user needs to reset a password, she handles it herself by answering a series of challenge questions to verify her identity.
The end user doesn’t need to call the help desk, which results in significant cost savings. Because password resets account for about 50 percent of help desk calls, both the end users and the help staff see immediate productivity gains. Password Self Help also maintains a full audit trail of all reset attempts.
Access Authenticator cuts the risks created by compromised passwords. And Password Self Help ensures IBM i user passwords meet your organization’s security policy. Together, Access Authenticator and Password Self Help protect your mission critical-data so simply that your users can focus on their core responsibilities instead of worrying about how to log in.
Already own RSA SecurID?
Check out our agent for IBM i >