2. About Vanguard
Founded: 1986
Business: Cybersecurity Experts for Large Enterprises
Software, Professional Services,
and Training
Customers: 1,000+ Worldwide
Over 20 distributors/resellers serving 50+ countries worldwide
3
3. Data Breaches
Number of breaches and
outside attacks increasing
Continuing problem of insiders -
malicious or by accident
4
4. “Target was certified as meeting the standard
for payment card industry (PCI DSS) in
September 2013. Nonetheless, we suffered a
data breach…”
now ex-chairman, ex-president, and ex-CEO of Target
Corporation, Gregg Steinhafel (http://buswk.co/1lT9j0X)
6
7. Data Breaches: Two Themes
Mandiant: 2014 Data Breach Report
100% of breaches examined included an
exploitation of a user id and password that was
compromised.
7
8. MULTI FACTOR AUTHENTICATION
• An Industry full of often
confused terms
– Multi-Factor Authentication is a
method of requiring factors from the
following three categories;
• Knowledge Factors
• Possession Factors
• Inherence Factors
16. MULTI FACTOR AUTHENTICATION
Exposure Issues
• Coding Flaws – Exposures in the Code of the applications,
protocols, or other
Example: Attackers Exploit the Heartbleed OpenSSL
Vulnerability to Circumvent Multi-factor Authentication on
VPNs http://www.pcworld.com/article/2095860/cybercriminals-compromise-home-
routers-to-attack-online-banking-users.html
• http://www.darkreading.com/attacks-and-breaches/zeus-
botnet-eurograbber-steals-$47-million/d/d-id/1107673?
• http://www.technologyreview.com/news/415371/real-time-
hackers-foil-two-factor-security/
• http://www.scmagazine.com/yahoo-session-hijacking-likely-
culprit-of-android-spam/article/250454/
• https://www.mandiant.com/blog/attackers-exploit-heartbleed-
openssl-vulnerability-circumvent-multifactor-authentication-
vpns/
17. MULTI FACTOR AUTHENTICATION
• US based Regulation and Guidance
– NIST FIPS 201/HSPD-12
– HIPPA
– NERC CIP
– NIST SP 800-63-2
– PCI DSS
– FFIEC
19. Vanguard
Software
We provide you with the analytical tools that allows you to do an in-depth audit of
your z/OS systems against multiple standards
Provides detailed explanation, risk analysis, user action to correct
Services
We will execute z/OS system audits against multiple standards
We will also remediate
Training
We will train you how to audit z/OS systems against multiple standards
We will also train you to remediate
33
21. For more information
Call 800-794-0014 or email us at info@go2vanguard.com
Grazie
Japanese
Thank You
English
Merci
French
Russian
Danke
German
Italian
Gracias
Spanish
Obrigado
Brazilian Portuguese
Arabic
Simplified Chinese
Traditional Chinese
Hindi
Thai
Korean
37