Securing The Future Of NonStop

CSP Logo -Final - (Photoshop).png

It’s hard to believe that 2021 is almost over. Most of us are still getting used to our post-pandemic lives. And as life slowly returns to normal, we should take a moment to reflect on the challenges and successes of the past year. The end of the year is always a great opportunity to look ahead and set goals for the future. And I am not just talking about those pesky New Year’s resolutions that we quickly forget once February comes along.

As individuals and as organizations, we should take a moment to visualize where we want to go, plan a roadmap for how we want to move forward, and start taking the necessary steps to help us reach those goals.

The timing of the NonStop Technical Boot Camp is the perfect opportunity for our community to reflect on the past and look ahead to the future. The event is also a great way to share achievements and discover new and buzzworthy topics. Perhaps one of the top discussions this year was the introduction of the HPE GreenLake program into the NonStop platform. This program opens up several exciting opportunities for partners and customers. We are already working on ways to integrate our products with the GreenLake program, and it is a project that we are excited to undertake.

Security, as always, was at the top of everyone’s mind during this year’s NonStop Technical Boot Camp. HPE held a Security Panel and CSP participated along with other NonStop security experts. The panel was a great reminder of the important role that security plays within the modern IT infrastructure. That is why at CSP, modernizing and improving our solutions to provide the best security available for NonStop remains the top priority for our organization.

We work hard to stay ahead of the inevitable changes that the NonStop landscape will face, and our goal remains unchanged after 35 years in the industry. We’ll continue to find ways to honor our past and preserve our legacy while looking at the future to ensure we offer our customers the best security solutions available for NonStop systems.

This year one of our proudest achievements was the introduction of a new, cloud-based framework for some of our most popular applications. We are starting things off with the release of the redesigned CSP Authenticator+, our new cloud-native application for multi-factor authentication. The cloud version of CSP Authenticator+ now includes high availability, scalability, flexibility, and security, and it was built using modern technologies. Let us show you how you can effectively secure your critical applications using our modern, cloud-native solutions.

 

Securing Cloud-Native Applications with Multi-Factor Authentication

Developers are under pressure to build and ship applications faster than ever and update applications frequently through automated processes. Corporations are now deploying applications developed on containers straight into production, managing them with orchestration tools such as Kubernetes, and running them in the cloud.

As a result, productivity increases, but so does the organizational risk. Striking a balance between speed and security requires a comprehensive strategy to proactively address cloud-native security requirements. An inclusive cloud security strategy allows an organization to detect security issues earlier in the development lifecycle without slowing down the whole process.

Organizations must implement a multi-pronged security approach to ensure secure access to information across the different cloud environments. The unified policies should govern access and control, regardless of whether the security gateways and services are located onsite or on the Cloud.

An organization has to consider deploying the right security solutions for cloud-based business operations. Strengthening network and IT infrastructure security is crucial for businesses. When it comes to cloud security, it is not just about simply placing a firewall at the peripheral of the cloud Infrastructure. From a security standpoint, it includes a comprehensive analysis of the current policies, procedures, and security standards that are in place.

New technologies for building cloud applications such as containers, Kubernetes, and serverless architectures are reshaping the way enterprises build and deploy business applications. They have also introduced a new set of risks that you can’t mitigate by applying traditional approaches to application security. So how do you ensure the security of your cloud-native applications?

Depending on the current security stance, the organization will have to implement numerous security tools, including Intrusion Prevention and Detection Systems, Identity Access Management, and Multi-factor Authentication.

On this last item, modern authentication methods represent a more robust security structure, and also provide a better user experience when logging into applications. MFA also makes it easier for auditors to get answers to critical compliance questions; providing information such as which users are granted access to which system, and also how the access policy is being reliably enforced. Additionally, some of the modern MFA applications available today also include reporting capabilities, which ensure that compliance standards, such as PCI DSS, are being met.

 

Introducing the New CSP Authenticator +
Cloud-Native Application

CSP Authenticator+® provides multi-factor authentication for NonStop servers and supports various authentication methods. It can be used as a Safeguard SEEP or with Pathway and non-Pathway applications. Almost any application, including TACL, can now easily support multi-factor authentication.

The new CSP Authenticator + cloud-native application was developed using a modern cloud-based framework. This redesign focuses on providing security, flexibility, and scalability.

Multiple authentication methods such as RADIUS, Active Directory, RSA, and Open LDAP are supported. Additional authentication methods include Email, Text Message, and Google Authenticator.

New features:

  • New cloud-based framework – A new cloud native application built using modern technologies
  • Support for Kubernetes Helm deployments – easy to deploy in cloud environments using Kubernetes framework
  • Support for High Availability environments – Create highly available Kubernetes clusters for resiliency
  • No differentiation between Primary and Secondary authentication – users can choose any mix of available authentication methods, and even choose more than 2 authentication methods
  • Application based authentication methods are now supported, and more authentication methods are being added. Authentication methods currently supported include RSA, LDAP, Active Directory, RADIUS, Google and Microsoft authenticator, OTP via Email, and OTP via SMS
  • Set different authentication methods for different user groups and privileged groups
  • Redesigned user-interface makes it more intuitive and user friendly
  • Maintain a matrix of authentication profiles, policies (authentication methods), and users
  • Support for various databases, including Amazon S3, Atlas Cloud service, MongoDB, etc.

Benefits:

  • Protect valuable resources & data.
  • Add layers of authentication for secure access to systems and critical applications.
  • Address PCI compliance requirement 8.3 which requiring multi-factor authentication for all personnel with remote access, and non-console administrative access to the cardholder data environment.
  • Integrate with centralized ID management systems to effectively manage users.

 

CSP Authenticator+ Key Features:

  • Support for multiple authentication factors including RSA, RADIUS, Active Directory, and LDAP, Microsoft, Google, OTP
  • Create various profiles and policies for different set of users, and applications
  • Ability to use more than two authentication methods
  • Provides standardized authentication across platforms
  • Configure for all or only selected/privileged users
  • Fully encrypted communications with cloud native application
  • Supports various databases
  • Support for new authentications methods
  • Supports TACL, Pathway and Non-Pathway applications

 

CSP – Compliance at your Fingertips™

For complimentary access to CSP-Wiki®, an extensive repository of NonStop security knowledge and best practices, please visit wiki.cspsecurity.com

HPE PartnerOne Insignia.jpegWe Built the Wiki for NonStop Security ®

The CSP Team

+1(905) 568 –8900

 

Author


  • Henry Fonseca is a business professional with a background in branding, market development, customer relations and financial management. Over the past three years, Henry has managed a successful repositioning & rebranding of CSP's corporate profile. As the Marketing and Relationship Manager, Henry continues to develop an integrated marketing and business strategy to achieve CSP’s goals.

Be the first to comment

Leave a Reply