Kisco Adds DUO Support to i2Pass, Okta Up Next
October 4, 2023 Alex Woodie
IBM i shops that desire multi-factor authentication (MFA) may be interested in the latest release of Kisco Systems’ MFA software, i2Pass, which adds support for the popular authenticator app from DUO. Support for Okta is coming next, the company says.
DUO Mobile is a popular authenticator app that runs on your smart phone and communicates with server-based MFA and two-factor authentication (2FA) systems to provide more assurance that the person asking for authentication is who they say they are. It was labeled the top 2FA product by the New York Times, which cited its simplicity.
DUO Mobile users can authenticate themselves for IBM i access now that Kisco Systems has added support for it in i2Pass 4.0. That gives users and organizations another layer of security in addition to passwords and user IDs, which are not secure and can be compromised when sent over the Internet, such as with a Telnet session.
Previously, i2Pass would require a user to enter a special passcode that was sent to users via text message or email upon requesting access to a system or application. With the addition of DUO Mobile support, Kisco is now moving into the world of authenticator apps, which some IT professionals think are more secure.
Kisco has added support for the DUO Mobile authenticator app in i2pass.
Authenticator apps are the next step in improving security with MFA products, says Kisco’s Head of Business Development CEO Justin Loeber.
“They improve security because the authenticating party must have access to a physical device,” he says. “This update demonstrates that Kisco is delivering solutions for the modern era of IBM i. We’re adding more and more API-driven functionality.”
The recent ransomware attack on MGM, which brought down critical systems like hotel and restaurant reservations, payment systems, digital key slots, slot machines, ATMs, and parking payment systems, is shining a spotlight on the need for better authentication. The attackers reportedly utilized a “vishing” technique, in which they impersonated an IT staffer by using information gleaned from the staffer’s LinkedIn profile to convince the casino’s help desk to reset their account.
“Social engineering attacks should scare the [heck] out of everyone. It’s so crazy how easy and stupid that attack was,” Loeber tells IT Jungle. “Our i2Pass software implements MFA, which would easily have shut down the MGM incident.”
While the combination of a username and password has long been viewed as not secure, since they can be easily sniffed out by hackers over the Internet and Telnet sessions, relying on the help desk to be a last line of defense also carries some risk, according to Loeber.
“There’s a certain amount of angst built into the platform right now,” Loeber continues. “Survey says ‘security’ is the top concern of CIOs who run IBM i, but I’m not sure I believe that. If I were in their shoes, I’d be more worried about staffing.”
While the one-time passcode feature is still supported, Kisco is moving strongly in the direction of authenticator apps to bolster security. In addition to offering DUO Mobile support, it’s currently working to add support in i2Pass for Okta, a popular identify and access management (IAM) software provider that includes an authenticator app as one of its offerings.
“Okta is up next because we’re seeing a lot of shops using it already,” Loeber says. Okta support is likely before the end of the year; Microsoft Authenticator support is also on the docket.
Use of DUO or any authenticator app requires a separately priced Kisco product called kConnect, which Kisco launched earlier this year. kConnect introduces support for short message service (SMS), i.e., texting, capabilities to Kisco’s IBM i products. Once a customer has licensed kConnect, they can use product authenticator apps like DUO (and Octa in the future) without any additional charges.
i2Pass 4.0 also brings a new graphical user interface (GUI). Dubbed Bluescape, Kisco’s clean-looking new GUI template has now made it into i2Pass, after previously being integrated with Kisco’s other products, like iFileAudit and iEventMonitor.
For more information, see Kisco’s website at www.kisco.com.
RELATED STORIES
Why You Should Be Concerned About the MGM ‘Vishing’ Attack
Kisco Brings Native SMS Messaging to IBM i
Kisco Makes Moves In the IBM i Security Business
