Kisco Brings Native SMS Messaging to IBM i
February 1, 2023 Alex Woodie
Kisco Information Systems recently launched a new IBM i product designed to facilitate native SMS messaging on IBM i. Pre-integrated with Twilio, kConnect will not only keep administrators aware of security and other events occurring on IBM i, but it will also help streamline the configuration of two-factor authentication (2FA) setups on the box.
Kisco’s newest IBM i utility allows users to send SMS messages to recipients directly from an IBM i application, which can be useful for a variety of reasons. The product supports sending messages via a command line or directly from their custom IBM i applications, using CL and RPG code snippets that Kisco includes with the product.
kConnect is pre-integrated with three Kisco products, including the network security utility SafeNet/i, the 2FA offering i2Pass, and iEventMonitor, which provides a remote monitoring service. This integration allows users to receive native SMS messages directly if, for example, a security event is detected by SafeNet/i, a user needs to be authenticated via i2Pass, or iEventMonitor has detected that a disk-usage threshold has been exceeded.
The new software requires a customer to have an account set up with a third-party SMS service. Currently it requires Twilio, but other SMS services will be available for use with kConnect in the future, the company says.
Using a native SMS service is superior because it doesn’t require the user to fuss around with an email-to-text conversion. That’s the current method supported by Kisco, but it’s an outdated method that can be tedious and time-consuming to configure, Kisco CEO Justin Loeber says.
“With some carriers, [email-to-text conversion] works fine, but others are starting to have more stringent requirements, for reverse-DNS lookup and stuff like that,” Loeber says. “Some of our customers were not wanting to add reverse DNS to their public domain. They weren’t willing to have to do all this stuff just so they could get messages from the i.”
More than half of Kisco’s help desk calls are related to the email-to-text alerting, Loeber says. The company has no plans to end support for use of the email-to-text, which is supported by all the major carriers. But the move to a native SMS service should help simplify the setup for customers, he says.
The move to native SMS will also pay dividends down the line for Kisco when it rolls out a new MFA offering that should allow IBM i shops to adopt the latest authentication standards.
“The underlying architecture that allows us to interact with a third party messaging API is the same Archi urea that we’re leveraging now that will allow us to do the next release of our 2FA products, which will be able to work authenticator apps,” Loeber tells IT Jungle. “So the same core functionality, kConnect, will also be part of that flow of communication.”
Enterprises are starting to adopt authenticator apps, such as Microsoft Authenticator or Duo Mobile, to help ensure only authorized individuals are given access to sensitive data and applications. With authenticator apps, the second form of authentication (besides the user name or other initial identifier) is the app itself, which the user has already been authenticated to.
Authenticator apps have one key advantage over traditional 2FA and multi-factor authentication (FFA) methods: There’s no need to enter a six- or eight-digit PIN. That will be important when Kisco rolls out another new capability in its security lineup: the ability to receive an alert when somebody tries to access an IBM i exit point.
“When it comes to 2FA, email is not considered to be secure anymore,” Loeber explains. “In order to complete the 2FA cycle with just email, somebody has to key in the code, which means you have to have access to the UI in order to complete the login. So if we’re trying to put 2FA in an exit point and no UI in play, we can’t do it.”
With native SMS hooked into authenticator apps, there’s no longer a need for a user to enter a PIN to prove themselves. If they initiate a transaction that involves an exit point on IBM i, they’ll receive a notification on their mobile device, asking them to authenticate that they had initiated the transaction. They click a button in the app, which communicates back to the Kisco product to enable access.
“We don’t have to worry about presenting a data input on the UI,” Loeber says. “It opens up a whole new world of places where we can integrate 2FA.”
kConnect is available now. New Kisco customers will pay $850 for a standalone copy, while existing customers can get a 40 percent discount on that. For more information, see www.kisco.com.
RELATED STORIES
Kisco Makes Moves In the IBM i Security Business