Regulatory compliance and security of critical systems, applications and data are top-of-mind issues for IT organizations in 2018. New capabilities are now available from the Syncsort Assure products that can help your organization achieve and maintain compliance while strengthening IBM i security.
View this webinar on-demand to discover how new innovations from Syncsort can help you meet your auditing and control needs.
2. Housekeeping
Webcast Audio
• Today’s webcast audio is streamed through your computer speakers.
• If you need technical assistance with the web interface or audio,
please reach out to us using the chat window.
Questions Welcome
• Submit your questions at any time during the presentation
using the chat window.
• We will answer them during our Q&A session following the
presentation.
Recording and slides
• This webcast is being recorded. You will receive an
email following the webcast with a link to download
both the recording and the slides.
3. Topics
• Syncsort’s Security portfolio today
• New multi-factor authentication for IBM i
• New Cilasoft 5.33 release
• New Enforcive 8.3.03 release
• Learn more
• Q&A
3
5. Syncsort’s Security Portfolio
Security
Cilasoft
Cilasoft Compliance
and Security Suite
QJRN/400
QJRN Database & QJRN System
CONTROLER
EAM
RAMi
CENTRAL
Alliance
Alliance
AES/400
Townsend’s Alliance
Key Manager
Alliance Token
Manager
Alliance
FTP Manager
Alliance
XML/400
Alliance
LogAgent Suite
Alliance Two Factor
Authentication
Enforcive
Enterprise Security
Suite
Security Risk
Assessment
Cross-Platform Audit
Cross-Platform
Compliance
Password Self-Service
AIX Security
Quick
Quick-CSi
Quick-Anonymizer
5
Syncsort’s portfolio of
Security solutions has grown
through acquisition.
Today Syncsort’s Security
product line has the breadth
and depth to meet nearly
any compliance or security
need.
6. SIEM Integration
Ensure IBM i security activity can
be fed into an enterprise security
monitoring console
Fraud
Detection/Prevention
Ensure comprehensive control of
unauthorized access and the
ability to trace any activity,
suspicious or otherwise
Compliance
Prove to auditors that access is
controlled and the system is in
compliance
There are 3 broad
categories of security
& compliance needs
6
9. Sensitive Data Protection Syncsort
Security
Solutions
Alliance AES/400,
Townsend Alliance Key Manager,
Alliance Token Manager
Enforcive
Field Encryption
Quick-Anonymizer
9
Security Risk
Assessment
Sensitive
Data
Protection
Compliance
Acceleration
10. Secure Data Transfer
Alliance FTP Manager
Syncsort
Security
Solutions
10
Secure Data
Transfer
Security Risk
Assessment
Sensitive
Data
Protection
Compliance
Acceleration
12. Elevated Authority Management
Cilasoft Elevated
Authority Manager
(EAM)
Syncsort
Security
Solutions
12
Elevated
Authority
Management
Secure Data
Transfer
Enhanced
Password
Management
Security Risk
Assessment
Sensitive
Data
Protection
Compliance
Acceleration
13. Comprehensive Access Control
Cilasoft CONTROLER
Enforcive Enterprise
Security Suite
(for IBM i and for AIX)
Syncsort
Security
Solutions
13
Elevated
Authority
Management
Secure Data
Transfer
Enhanced
Password
Management
Access
Control
Security Risk
Assessment
Sensitive
Data
Protection
Compliance
Acceleration
14. System and Database Auditing
Cilasoft
QJRN/400
Enforcive
Enterprise Security Suite
(for IBM i and AIX),
Cross-Platform Audit
Quick-CSi
Syncsort
Security
Solutions
14
Elevated
Authority
Management
Secure Data
Transfer
Enhanced
Password
Management
System &
Database
Auditing
Access
Control
Security Risk
Assessment
Sensitive
Data
Protection
Compliance
Acceleration
15. Reporting, Alerting, Log
Forwarding & SIEM Integration
Cilasoft
Security Suite
Alliance LogAgent Suite
Enforcive Security Suite
with Data Provider
Ironstream for i
Syncsort
Security
Solutions
15
Elevated
Authority
Management
Secure Data
Transfer
Enhanced
Password
Management
System &
Database
Auditing
Access
Control
Security Risk
Assessment
SIEM
Integration
Alerts and
Reports
Sensitive
Data
Protection
Compliance
Acceleration
Log
Forwarding
16. Additional Security Tools
Cilasoft
Reinforced Authentication
Manager for i (RAMi)
Cilasoft
CENTRAL
Cilasoft
Job Log Explorer
Enforcive
Firewall Manager
Enforcive
Password Self-Service
Syncsort
Security
Solutions
16
Elevated
Authority
Management
Secure Data
Transfer
Enhanced
Password
Management
System &
Database
Auditing
Access
Control
Security Risk
Assessment
SIEM
Integration
Alerts and
Reports
Sensitive
Data
Protection
Compliance
Acceleration
Log
Forwarding
Comm Port
Security
Password
Self-Service
Supervised
4-Eyes
Operations
Job Log
Analysis
Secure Data
Consolidation
&
Distribution
17. Flexible services offerings for security
• Security risk assessment
• Quick start services
• Quick check services
• Security update services (installing hot fixes, PTFs, new releases, etc.)
• System update services (ensuring security solution is properly configured
after system changes to IP addresses, OS versions, etc.)
• Auditor assist (supporting internal or external auditors)
• Managed security services
• A la carte consulting
Leverage Syncsort’s team of seasoned security experts!
Global Professional Services
Add Value to Your Investment
1717
18. Syncsort can help
with all your
compliance,
security or SIEM
integration needs!
18
Elevated
Authority
Management
Secure Data
Transfer
Enhanced
Password
Management
System &
Database
Auditing
Access
Control
Security Risk
Assessment
SIEM
Integration
Alerts and
Reports
Sensitive
Data
Protection
Compliance
Acceleration
Log
Forwarding
Comm Port
Security
Password
Self-Service
Supervised
4-Eyes
Operations
Job Log
Analysis
Secure Data
Consolidation
&
Distribution
Learn more at
www.syncsort.com/en/assure
20. • The purpose of Multi-Factor Authentication is to add a layer of
security beyond passwords or passphrases
• Multi-Factor Authentication (MFA), also known as Two Factor
Authentication (2FA), requires two of the following factors :
• Something you know (user ID, password, PIN)
• Something you have (smart phone, email, token device)
• Something you are (fingerprint, iris scan, facial image)
• Multi-Factor Authentication is a strong requirement in PCI-DSS 3.2,
HIPAA, NYDFS Cybersecurity Regulation, Swift Alliance Access, & more
• Multi-Factor Authentication relies on services such as RSA SecurID,
Twilio and Authy, Telesign, Microsoft Authenticator, Google
Authenticator, and Duo
What is Multi-Factor
Authentication?
20
21. Multi-Step vs.
Multi-Factor Authentication
• Multi-step authentication
• Two authentication steps are presented separately; for example a
password step followed by a security question
• If authentication fails, the user recognizes which step failed
• Multi-factor authentication
• Multiple factors of authentication are presented at the same time; for
example a password and single-use authentication token
• All factors must be validated before granting access
• If authentication fails, the user does not know which factor failed
• Not understanding multi-factor authentication failures is frustrating
for end users, but it is required by regulations such as PCI
21
22. ✓ Adds an authentication layer above and beyond memorized or
written passwords
✓ Invokes rules-based multi-factor authentication only for users or
specific situations that require it
✓ Allows multi-factor authentication failures to be monitored from
a SIEM server
✓ Enables your organization to meet audit and regulatory
requirements and recommendations
✓ Lowers the risk of unauthorized access to systems, applications
and data
✓ Reduces the risk of data theft and its costs and consequences
Introducing Cilasoft RAMi –
Reinforced Authentication Manager for i
22
23. RAMi can be initiated in 3 ways:
1. Integrated multi-factor authentication in the
5250 IBM i signon screen
2. Integrated two-step authentication in the
5250 IBM i signon screen
3. On demand (manually or via a program)
Flexible Options for Initiating RAMi
Integrating multi-factor authentication into the 5250
signon screen requires modifications to subsystems
23
24. • RAMi’s rules engine makes it easy to configure which users or specific situations require multi-factor
authentication whether integrated into the signon screen or on-demand
• Rules criteria include whether the user is:
• registered or unregistered
• a limited capability user
• a member of specific group profiles
• in possession of special authorities
• using a specific device
• authenticating from a specific subsystem or iASP
• using a particular IP address
• authenticating at a certain date or time
• If RAMi is invoked on demand, the calling program can also be a criterion
• Pre-defined rules are provided to help you get started quickly
Powerful Rules
24
25. • Cilasoft authentication
• Token is transmitted by email and/or popup
• Recommended for less demanding environments where
cost is an issue
• RADIUS authentication
• RADIUS client ported natively on IBM i
• Recommended for organizations that
• Have their own RADIUS server
• Already use another solution based on RADIUS
• RSA SecurID authentication
• For most demanding environments
• RAMi is Certified with RSA SecurID
• DOC-92160 on RSA’s community site contains the RSA
SecurID Access Implementation Guide for RAMi
Supports Multiple Authentication Methods
25
26. •
• RAMi can also be used to grant users the ability to
• Re-enable their profiles
• Change their passwords
• If configured, users can answer pre-configured security
questions and/or receive a single-use token via pop-up,
email or RSA SecurID device
• After providing their authentication token, users can
perform their change
Self-Service Re-Enablement
& Password Changes
26
27. Certain actions require supervision
• Operations that could have significant impact on the server
• Changes to extremely sensitive data
RAMi supports the “four eyes principle” for supervised changes
• At the user’s request, an admin receives:
• A single-use token
• The user’s identify
• The job number
• The administrator enters the single-use token into the user’s
screen and observes the change while it is made
The Four Eyes Principle
for Supervised Changes
27
28. • Powerful, flexible multi-factor authentication for IBM i
• Options to initiate from the 5250 signon or on-demand
• Options for multi-factor or two-step authentication
• Provides support for multiple authentication methods
• Logs authentication failures for monitoring from a SIEM server
• Enables self-service profile re-enablement and password changes
• Supports the four eyes principle for supervised changes
• RSA certified
Strengthen IBM i Security with Cilasoft RAMi
Username:
Password:
Token Code:
Login Cancel
28
30. RAMi Customer Story
• US-based life insurance
company subject to New York
Department of Financial
Services Cybersecurity
Regulation (23 NYCRR 500)
• Failed compliance audit
• Directive to implement multi-
factor authentication from the
IBM i signon screen
Challenge Technical Environment Solution
• Some users have RSA tokens
and others do not
• Use Enforcive product to
address other security needs
• Cilasoft RAMi
• Secures Telnet signon
• Cilasoft and RSA SecurID
authentication methods
• Rules configured for
• On-demand, one-time tokens
by email for most users
• RSA authentication for
remote users
30
31. Cilasoft RAMi or Alliance 2FA –
Which Fits Your Needs?
31
Capability Cilasoft RAMi Alliance Two Factor Authentication
Certification RSA NIST
Supported authenticators 1. Cilasoft method
2. RADIUS servers
3. RSA SecureID servers or cloud service
Twilio’s Authy voice & mobile
Ability to integrate with programs or
workflow
Yes Yes
Configurable by user or situation Yes, extensive rules-based configuration Yes, detects high privilege users
Failure results Optional profile disablement on failure Optional profile disablement on failure
Profile and password self-service Yes No
34. • FCS – July 24; Target GA – August 28
• New GDPR compliance acceleration
• Enhancements delivered in three modules
• Compliance – Predefined GDPR templates
• Report Generator – Predefined GDPR reports
• Alert Center – Predefined alerts for GDPR
• New predefined templates, alerts, and reports for GDPR compliance
Enforcive 8.3.03
34
35. • FCS – July 24; Target GA – August 28
• New GDPR compliance acceleration
• COMPLIANCE - New Object Authority commands for managing compliance templates
• Commands allow user to add, update and delete an object authority template
• Commands will create a template if it doesn’t exist, or update an existing template
Enforcive 8.3.03
35
36. • FCS – July 24; Target GA – August 28
• New GDPR compliance acceleration
• COMPLIANCE - New Object Authority commands for managing compliance templates
• SIEM INTEGRATION - System Audit Data Provider now supports all action type journal codes
• ENCRYPTION - Field Encryption and Field Security can now encrypt fields of up to 4,000 characters
• ENCRYPTION - The maximum number of field registry entries has been increased to 32,000
• ACCESS CONTROL - New SWPONT command enables account swapping with a specified user
• Many additional customer requests, fixes and enhancements
Enforcive 8.3.03
36
38. • GA – targeted for late August
• New automatic report creation
• Cilasoft QJRN/400 produces clear, easy-to-read reports from IBM journals
• A new fully automatic report type is available in QJRN/400 in version 5.33
• Administrators pick a file, pick the format, and the report is done
• QJRN/400 automates the task of finding the important fields and changes
Cilasoft 5.33 Enhancements
38
39. • GA – targeted for mid-August
• New automatic report creation
• New GDPR models and scripts
• Cilasoft QJRN/400 5.33 makes it easier to become GDPR compliant and maintain compliance
• New models and scripts report on deviations against the best practices required by GDPR
• Administrators simply supply the list of files that need to be audited
Cilasoft 5.33 Enhancements
39
40. • GA – targeted for mid-August
• New automatic report creation
• New GDPR models and scripts
• Enhanced categorization of security events in SIEM consoles
• Events from IBM i security vendors appear generic when sent to SIEM consoles
• Cilasoft modules now map events to specific QRadar categories to simplifying monitoring
Cilasoft 5.33 Enhancements
40
41. • GA – targeted for mid-August
• New automatic report creation
• New GDPR models and scripts
• Enhanced categorization of security events in SIEM consoles
• Minor enhancements
• Temp keys are no longer calculated at installation time
• New command (DSPQSSTS) tells you if a job is currently using elevated authority
• EAM can log the activity of a batch job
• EAM can end ODBC jobs if an EAM job remains active after a configured number of warning messages is met
• The list of sources covered by System Examiner has been expanded (network attributes and program details
are now covered)
Cilasoft 5.33 Enhancements
41
43. Syncsort’s Security Webinars
43
Date Title
On-Demand GDPR & IBM i Security
On-Demand Top Ten Tips for IBM i Security & Compliance [Guest speaker: Dan Riehl]
On-Demand Top 5 Encryption Myths for IBM i Users [Guest speaker: Patrick Townsend]
On-Demand Accelerating Regulatory Compliance for IBM i Systems
On-Demand Taking Control of Access to Your IBM i Systems and Data
August 20 Securing IBM i User Profiles
August 27 Detecting Fraudulent Activity on Your IBM i
September 14 Securing Sensitive IBM i Data At-Rest and In-Motion
September 28 Assessing IBM i Security Risks
September 25
Does your IBM i Security Meet the Bar for GDPR?
Learn How to Put Effective Compliance Measures in Place
44. Syncsort’s Latest Security eBooks
“Passing Your Next Audit: The Challenges of Properly
Securing Your IBM i and Maintaining Compliance”
“Three Imperatives for Keeping IBM i Environments in
Compliance with GDPR”
“Four Powerful Ways Exit Points Can Be Used to Secure
IBM i Access”
Coming Soon!
“Multi-Factor Authentication for IBM i—a Primer”
44
46. Stay Tuned
• Enhancements planned for all brands
• Usability enhancements
• Customer requests
• More compliance modules
• Products will be brought into a common framework
• Common install process
• Common status dashboard
• Tighter integration with Syncsort HA
• Integration of Security with HA switch processes
• Shared status dashboard
• Stay tuned for more announcements!
46
47. Recap
✓ Syncsort has grown a broad and deep Security
portfolio through acquisition
✓ Cilasoft RAMi is now available for multi-factor
authentication
✓ New releases for Enforcive and Cilasoft products
✓ Many opportunities to learn more
✓ Stay tuned for more announcements on
Syncsort Security