There have been numerous posts and tweets coming from the NonStop vendor community following RUG events worldwide: ETBC,...
Multi-Factor Authentication on Nonstop Made Easy!
Why is Multi-Factor Authentication so critical on NonStop?
Multi-Factor Authentication (MFA) is increasingly becoming one of the more critical security requirements to comply with regulations such as PCI 8.3 and GDPR, as well as to provide superior safety measures over easily compromised single password methods. Any application that has access to the cardholder environment must include Multi-Factor Authentication, from legacy Pathway applications to the latest RESTful interfaces, effective MFA must be provided for tools and applications that have the potential to access these environments.
The authentication mechanisms used for MFA should be independent of one another such that access to one factor does not grant access to any other factor, and the compromise of any one factor does not affect the integrity or confidentiality of any other factor.
What does PCI say about Multi-Factor Authentication?
One of the key changes to PCI DSS is an update to requirement 8.3, which now calls for organizations to strengthen their access security with MFA instead of the previously stated two-factor authentication. By changing the terminology of requirement 8.3, two forms of authentication are now the minimum requirement.
As detailed in PCI DSS version 3.2, any individuals with non-console administrative access to Cardholder Data Environment (CDE) must authenticate using MFA. “Non-console administrative access” means that the system is accessed over a network, as opposed to the system’s local screen and keyboard. This applies regardless of whether the individual is an employee or third-party IT support personnel.
An Exciting New Solution for MFA: CSP Authenticator+
Multi-Factor authentication has become vital in ensuring secure access to systems. The new CSP Authenticator+provides a RESTful interface to support multi-factor authenticated logins to NonStop systems.
CSP Authenticator+ can be used as a Safeguard Authentication SEEP or with Pathway and Non-Pathway applications. Methods supported include RSA SecurID, Email, Text Message, Google Authenticate and Radius. Many additional methods are planned for the future.
CSP Authenticator+ resides on the NonStop Platform and uses an OSS “bridge” to connect via a RESTful interface to the CSP MFA service. Almost any application, including TACL, can now easily support Multi-factor authentication.
Key features include:
- Support for multiple authentication factors, including SecurID (RSA) tokens
- Standardized authentication across platforms
- Configurable for all or selected users
- Certified for the latest RSA release
- Support for virtual addressing
So… What’s Next?
CSP has a major announcement regarding Multi-Factor Authentication and CSP Authenticator+, which will be unveiled at this year’s Nonstop Technical Boot Camp in Burlingame, CA. Stay tuned for more information regarding this revolutionary solution for MFA.
For more information on CSP solutions visitwww.cspsecurity.com
For complimentary access to CSP-Wiki®, an extensive repository of NonStop security knowledge and best practices, please visit wiki.cspsecurity.com
We Built the Wiki for NonStop Security®
Visit us at these upcoming shows to learn more about our exciting solutions for NonStop and beyond:
- ATUG – Atlanta, GA– September 19, 2018
- CTUG – Toronto, Canada– September 26, 2018
- MexTUG – Mexico City, Mexico– October 4, 2018
- Nonstop Technical Boot Camp – Burlingame, CA– November 12-14, 2018
The CSP Team
+1(905) 568 – 8900