Educause Security Discussion mailing list archives
Re: Seeking insights on Two-factor Authentication roll-out from those who implemented at their campuses
From: Brad Judy <brad.judy () CU EDU>
Date: Tue, 2 Jun 2015 22:33:46 +0000
Tom, I gave a presentation at Educause SPC about the CU deployment of Duo for step-up multifactor on sensitive HR self-service components (which is also expanding to other services). The whitepaper and slide deck are online here: http://www.educause.edu/events/security-professionals-conference/2015/0-34000-multifactor-users-six-months The presentation session is recorded, but is restricted to SPC attendees for the moment. Answers to your specific questions: 1. What provider did you select (Duo, Vasco, others)? - Duo 2. Did you implement two-factor across all systems or just selected systems? - select systems 3. If you are using a hosted email solution (such as Google Apps or Office 365), did you include that in your two-factor roll-out? – no 4. Did you include all faculty and staff or just selected users? – all employees 5. Did you include students or allow for “student opt-in?” – only student employees at this stage 6. For ongoing two-factor administration, what level of staffing has it required? – on-going maintenance/support has been minimal with our automated provisioning mechanism 7. Based on your roll-out experience, what key bit of advice might you offer to those of us considering this move? – plenty in the above whitepaper and session, I’m happy to do a call with your team for specific questions. Brad Judy Director of Information Security University Information Systems University of Colorado 1800 Grant Street, Suite 300 Denver, CO 80203 Office: (303) 860-4293 Fax: (303) 860-4302 www.cu.edu<http://www.cu.edu> [cu-logo_fl] From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Thomas Skill Sent: Tuesday, June 02, 2015 11:55 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Seeking insights on Two-factor Authentication roll-out from those who implemented at their campuses Colleagues, At the University of Dayton, we are in the active planning stages for the deployment of Two-Factor Authentication. We’re very interested in hearing from campuses that have deployed two-factor authentication on the following questions: 1. What provider did you select (Duo, Vasco, others)? 2. Did you implement two-factor across all systems or just selected systems? 3. If you are using a hosted email solution (such as Google Apps or Office 365), did you include that in your two-factor roll-out? 4. Did you include all faculty and staff or just selected users? 5. Did you include students or allow for “student opt-in?” 6. For ongoing two-factor administration, what level of staffing has it required? 7. Based on your roll-out experience, what key bit of advice might you offer to those of us considering this move? My apologies for cross-posting this request - I shared this with the CIO list earlier with limited responses. Valerie Vogel from Educause suggested that this list might be a better fit! Thanks Tom Skill Thomas Skill, Ph.D. Associate Provost & CIO Professor of Communication Office (937) 229-3511 Fax (937) 229-4044 eMail: skill () udayton edu<mailto:tskill1 () udayton edu> Twitter: @skilltd<https://twitter.com/skilltd> Linkedin: http://www.linkedin.com/in/skilltd UDit University of Dayton 300 College Park Dayton, OH 45469-2230
Current thread:
- Seeking insights on Two-factor Authentication roll-out from those who implemented at their campuses Thomas Skill (Jun 02)
- Re: Seeking insights on Two-factor Authentication roll-out from those who implemented at their campuses Dunker, Mary (Jun 02)
- Re: Seeking insights on Two-factor Authentication roll-out from those who implemented at their campuses Thomas Skill (Jun 03)
- Message not available
- Re: Seeking insights on Two-factor Authentication roll-out from those who implemented at their campuses Dunker, Mary (Jun 02)
- Re: Seeking insights on Two-factor Authentication roll-out from those who implemented at their campuses Brad Judy (Jun 02)
- Re: Seeking insights on Two-factor Authentication roll-out from those who implemented at their campuses Nick Lewis (Jun 03)