NEWS ACROSS UNICOM GLOBAL

Only 20% of IBM mainframe customers are embracing multi-factor authentication to protect data and applications

Concerns about disrupting essential applications, skills shortages and end user resistance are among the key reasons holding back MFA adoption by mainframe user organizations

2018.11.26

Crawley, UK, November 26, 2018 – While 64 per cent of mainframers are aware that multi-factor authentication (MFA) is now available to control access to mainframe applications, only 20 per cent acknowledge their organization is already using it or plans to do so, according to a new survey. Concerns about disrupting applications, lack of mainframe and security skills and resistance from end users are some of the issues holding back adoption.

The findings come from a new poll of 81 mainframe users conducted by Macro 4, a division of UNICOM® Global, at the annual GSE UK Conference in November 2018.

“With data protection and security a major priority among most enterprises, it’s concerning that this new survey suggests mainframe shops have been slow to take up multi-factor authentication, which has been available for the platform since 2016,” said Keith Banham, Mainframe Research and Development Manager at Macro 4. “Continuing to rely on a password alone for user authentication exposes business-critical applications to unacceptable risk. Hackers are now very adept at misleading people into revealing their passwords or they use technology to crack, steal or by-pass them altogether.”

Mainframe MFA systems integrate with IBM’s Resource Access Control Facility (RACF) and go beyond traditional password verification methods by requiring users to present additional proof of identity, such as a password, a physical token, a biometric identifier or a time-restricted randomized PIN generated by a mobile app or other device.

59 per cent of the survey sample said they were aware that MFA is a key component of compliance, with regulations such as GDPR and the Payment Card Industry Data Security Standard (PCI DSS) requiring enterprises to take effective measures to control and protect access to personal information.

When asked to explain the reasons why businesses that run mainframes are not yet implementing MFA, 28 per cent cited the risks that come with making changes to older applications and 25 per cent pointed to a lack of mainframe skills. 22 per cent highlighted a lack of IT security skills and the same percentage also cited the challenges and cost of installing MFA hardware. 21 per cent felt that companies are facing resistance from end users, which is something experienced by many large enterprises (not just mainframe customers) when they try to introduce MFA:

In your opinion, why are businesses who are running mainframes not yet implementing multi-factor authentication (MFA)?

Risks of changing older applications to support MFA 28%
Lack of mainframe skills 25%
Challenges and cost of installing MFA hardware 22%
Lack of IT security skills 22%
End users are resistant 21%
Challenges and cost of installing MFA software 17%
Businesses don’t feel it’s necessary 16%
The whole implementation process is too complex 12%

According to Banham, mainframe customers must find ways to make MFA roll-outs easier and less onerous. One such solution is modern session management software, which many organizations already use to give their users single sign-on access to their mainframe applications, as he explained:

“A session manager only requires users to log in once in order to access all their applications. They can then switch between their applications throughout the day without having to re-authenticate each time. Implementing MFA on a session manager can therefore save a lot of effort because you only have to do it in one place – the session manager – rather than on the many individual applications that are typically hosted on a mainframe. And by choosing this approach you don’t actually touch the applications themselves so there’s no risk of causing any disruption.”

An additional challenge is that some older mainframe applications may not be compatible with MFA, so using a session manager sidesteps the need for additional coding changes to support MFA, said Banham.

Session managers can also help to reduce resistance from those end users who are reluctant to adopt new authentication methods, he added:

“By incorporating help and guidance messages – or reminders about the new authentication process - on the session manager login screen, you can minimize any initial end user confusion and help make MFA roll-outs a more user-friendly experience.”

“Any new technology roll-out will bring challenges, whether they’re technical hurdles, concerns over resources or reluctance from people who aren’t comfortable with having to change, but adopting MFA is something mainframe shops must do so it’s good news that there are shortcuts available to make it easier.”

An overview of the survey and key findings can be viewed on an infographic at: https://www.macro4.com/gse-uk-mfa-survey-infographic.pdf

Media Contact:
Uday Radia
CloudNine PR
+44 (0)7940 584161
uradia@cloudninepr.com


About Macro 4
www.macro4.com
Macro 4, a division of UNICOM Global, develops software solutions that accelerate business transformation. Macro 4’s cross-platform enterprise information management solutions make it easy for companies to go digital, personalize customer communications and unlock the value of their corporate content. Macro 4 solutions for application lifecycle management, session management and performance optimization are used by many of the world’s largest enterprises to modernize their mainframe applications and development processes.

About UNICOM® Global www.unicomglobal.com
UNICOM Global consists of more than forty (40) corporate entities encompassing a wide range of businesses across all geographic regions. With its corporate headquarters in Los Angeles, California, to offices in Illinois, Kentucky, Florida, Massachusetts, Maryland, Minnesota, New Hampshire, North Carolina, New Jersey, New York, Texas and Virginia, throughout EMEA in the UK, Ireland, Germany, France, Italy, Spain, Denmark, Belgium, Switzerland and the UAE, and across Asia/Pacific with locations in Japan, China, India, Australia, Korea, Thailand, Taiwan and the Philippines.

UNICOM Global offers deep in-house resources and flexible IT solutions to our partners worldwide. UNICOM Global focuses on acquiring and integrating mature and growing mid-cap NASDAQ, London Stock Exchange AIM and German publically-traded companies in technology, financing, IT, real estate, and business services. Please visit our websites for additional information about the services, products and solutions that UNICOM Global offers:

www.unicomglobal.com UNICOM Global - Assets, capital and investment management
www.unicomsi.com UNICOM Systems - IBM Mainframe software products
www.unicomgov.com UNICOM Government (formerly NASDAQ: GTSI) - Government IT solutions
www.unicomengineering.com UNICOM Engineering (formerly NASDAQ: NEI) Appliance platform
www.unicom.org UNICOM Science and Technology Parks
www.unicomtechnologypark.com UNICOM Technology Park - Innovation Labs in Virginia
www.unicomsciencepark.com UNICOM Science and Technology Park - Innovation Labs in New Jersey
www.unicom-capital.com UNICOM Capital - Business and Financial Services
www.solidDB.com solidDB – In-memory relational database management system
www.usrobotics.com U.S. Robotics - Data communications products
www.memeo.com Memeo - Enterprise-grade Secure File Sharing for the Cloud
www.firetide.com Firetide - Wireless technology solutions for security and transportation
www.detec.com DETEC - Document composition products
www.softlanding.com SoftLanding Systems - IBM i software products
www.macro4.com Macro 4 (formerly LONDON: MAO) - Document Management products
www.illustro.com illustro - z/OS and z/VSE software products
www.iet-solutions.com iET Solutions - ITIL® ITSM software products
www.eden.com Eden - Mergers & Acquisitions, Business & Financial Services, and Real Estate
www.cics.com CICS.com - Hardware, Software, Outsourcing and Professional Services

All trademarks referenced herein are trademarks of their respective companies.

Tags:

Warning: Unknown: open(/home/unicom6/public_html/files/tmp/sess_6u4fg0o320e9lbi64tjtgcpaj1, O_RDWR) failed: No space left on device (28) in Unknown on line 0

Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/home/unicom6/public_html/files/tmp) in Unknown on line 0