Multi-factor Authentication at the Network
Description
When an administrator logs on to an AIX host, multi-factor authentication can be used to ensure that the person logging on to the system is not a hacker who has stolen login credentials. In 1Q of 2018, PCI 3.2 will require PCI environments to enforce multi-factor authentication for all administrative access to the cardholder data environment (CDE). Multi-factor authentication is extremely effective at preventing a hacker from using stolen username/password login credentials to gain access to your systems. Security breach after security breach shows us that one of the first steps hackers take to initiate an attack is to defeat your authentication security controls. The Target breach of 2013 is a perfect example: the hackers in that breach used stolen login/password credentials to gain initial access to the Target network. These stolen credentials would have been useless if Target had implemented multi-factor authentication.
There are many types of multi-factor authentication solutions, but the one that clearly stands out as the best, especially for PCI environments, is multi-factor authentication performed at the network level. This would be implemented at the firewall. To connect over the network to any secure environment, you would first need to authenticate successfully through the firewall's multi-factor implementation.