For today's businesses, providing global connectivity to their workforce and clients is integral to their success. However, with 24X7 online infrastructure and services, and the ubiquitousness of IoT devices and connections, the threat of cybercrimes, both internal and external, is ever present. Organizations must safeguard their applications -- and metadata -- diligently, defending against breaches that can harm operations.
Identity and access management is your first line of defense when reducing insider threat risks and protecting your network and digital assets against unwanted intrusions.
To help provide an extra layer of protection against these threats, you can now use multifactor authentication (MFA) to control user access in IBM Spectrum Control.
What is MFA?
MFA is a security measure that requires more than one form of identification before someone you are granted access to an account or application. Put simply, it helps verify that it's you and not someone else when you log in to IBM Spectrum Control.
First-factor authentication methods alone, such as username and password combinations, do not provide the level of protection that is required in today's complex environments. Passwords are a relatively vulnerable point of attack for hackers to exploit because they rely on user awareness and compliance to implement effectively.
Stolen or compromised login credentials were not only the most common cause of a data breach (19%), but at 327 days, took the longest time to identify. This attack vector ended up costing USD 150,000 more than the average cost of a data breach. With MFA, knowing or cracking a password won't be enough for hackers to gain access.
With MFA, security and IBM Spectrum Control administrators can reinforce account protection, monitor access more efficiently at a high level, and mitigate the risk of compromised passwords.
Why implement MFA in IBM Spectrum Control?
The mission-critical applications and services that support your business play an important role in driving success for you and your clients. The ability of IBM Spectrum Control to manage and monitor your storage helps you fine tune performance, plan your future capacity needs, and troubleshoot storage infrastructure issues when they occur.
Interruptions to IBM Spectrum Control that are caused by unapproved or unwanted access can impact your business and your ability to service your clients.
If that’s not reason enough to enable MFA for IBM Spectrum Control, check out these additional benefits:
- MFA enables you to configure stronger authentication. Weak or stolen passwords are one of the key causes of security breaches. That's why protecting against such attacks is so critical to reducing risks and maintaining the trust of your clients. With MFA, it’s about granting access based on multiple weighted factors, thereby reducing the risks of compromised passwords.
- MFA provides flexibility without sacrificing usability. With so many authentication methods being implemented by organizations in the name of protecting assets, users can get frustrated with the number and variety steps they must take just to gain access to content. With the implementation of MFA in IBM Spectrum Control, users can select the authentication methods that work best for them, so they can get to their work faster and with less cumbersome hurdles in the way.
- MFA can help you comply with regulations. You and your clients might be in an industry, location, or client relationship with regulations that require MFA. Now, you can implement that capability in IBM Spectrum Control 5.4.10 and later to help ensure that you’re in compliance. Here are just a few examples where MFA is becoming a necessity as a security measure for everyday use:
- The United States government announced that it would require MFA sign-in methods for all federal agency staff.
- Payment Card Industry Data Security Standard (PCI-DSS) requires that MFA be implemented in some situations to prevent unauthorized users from accessing payment processing systems.
- GitHub is gradually requiring that all users (who contribute code on GitHub.com) enable one or more forms of two-factor authentication (2FA).
- Google now prompts new users to enable MFA at the time of account creation.
- Salesforce requires that customers enable MFA to access their products.
How MFA works in IBM Spectrum Control
To provide MFA, IBM Spectrum Control integrates with IBM Security Verify, a cloud-based identity and access management (IAM) service provider. IBM Security Verify provides deep, AI-powered context for workforce identity and access management. It helps to protect your users and apps, inside and outside the enterprise, with a low-friction, cloud-native, software-as-a-service (SaaS) approach that leverages the cloud.
With IBM Security Verify and MFA, you can provide different factors to validate and verify IBM Spectrum Control users. An Administrator within IBM Spectrum Control configures this integration. Then, when other users log in to IBM Spectrum Control, they must enter a username and password and a second form of identification that is requested by IBM Security Verify.
How to configure MFA
Configuring MFA for IBM Spectrum Control is a snap for administrators and users. The administrator sets up IBM Security Verify and enables MFA in IBM Spectrum Control. Then, users get to choose the second factor that they want to use for logging in.
Here’s a quick breakdown of how to configure IBM Spectrum Control with MFA:
1. Integrate IBM Security Verify with IBM Spectrum Control.
Integrate IBM Security Verify with IBM Spectrum Control by creating an account with IBM Security Verify, configuring it for IBM Spectrum Control, and adding IBM Spectrum Control users. These tasks are done by your system, network, or IBM Spectrum Control administrator.
2. Enable MFA in IBM Spectrum Control.
In the IBM Spectrum Control GUI, the administrator enables MFA and creates the connection between IBM Spectrum Control and IBM Security Verify. It’s all done under Settings > User Management on the Authentication Configuration page. Learn more.
3. Choose authentication factors.
With IBM Security Verify, users of IBM Spectrum Control get to choose which second-factor authentication method works best for them. The flexibility to choose a method can help ease to logging in with more that one factor. Learn how it’s done.
That’s it! After these steps are completed, MFA is enabled for IBM Spectrum Control and its users.
Video: Configuring MFA in IBM Spectrum Control
Watch the following video to get a detailed, hands-on walkthrough of how to configure MFA for IBM Spectrum Control.
The requirements and need to fortify your business with MFA will only increase during the coming years across industries and organizations. At a time when so many services and tools are moving online, where passwords are the primary defense against unauthorized access, MFA is a critical as one of the most effective methods to help prevent cyber crimes.
IBM Spectrum Control 5.4.10 can help you meet MFA requirements and protect your business, its users, and your customers. Download or purchase it now!
Downloading IBM Spectrum Control 5.4.10
If you have an IBM ID and have purchased IBM Spectrum Control, you can download packages for a new installation or download packages that you can apply as an upgrade or fix to your existing installation.
- To download the package for a new installation of IBM Spectrum Control, go to Passport Advantage Online.
- To download the package for upgrading or applying the latest fixes to your existing installation of IBM Spectrum Control, go to Fix Central.
- If you are downloading the package for a new installation, a license is required and is included on Passport Advantage Online.
- If you are downloading the package for an upgrade, your existing license is transferred.
Fix Central is the recommended site for retrieving fixes for most IBM products. Fix Central enables you to search, select, and download appropriate fixes for their situation. For more information, see the release document.#infrastructure-highlights