Re: Seeking insights on Two-factor Authentication roll-out from those who implemented at their campuses

[Brad Judy <brad.judy () CU EDU>]

Tom,

I gave a presentation at Educause SPC about the CU deployment of Duo for step-up multifactor on sensitive HR 
self-service components (which is also expanding to other services).

The whitepaper and slide deck are online here: 
http://www.educause.edu/events/security-professionals-conference/2015/0-34000-multifactor-users-six-months

The presentation session is recorded, but is restricted to SPC attendees for the moment.

Answers to your specific questions:

1.       What provider did you select (Duo, Vasco, others)? - Duo
2.       Did you implement two-factor across all systems or just selected systems?  - select systems
3.       If you are using a hosted email solution (such as Google Apps or Office 365), did you include that in your 
two-factor roll-out? – no
4.       Did you include all faculty and staff or just selected users? – all employees
5.       Did you include students or allow for “student opt-in?” – only student employees at this stage
6.       For ongoing two-factor administration, what level of staffing has it required? – on-going maintenance/support 
has been minimal with our automated provisioning mechanism
7.       Based on your roll-out experience, what key bit of advice might you offer to those of us considering this 
move? – plenty in the above whitepaper and session, I’m happy to do a call with your team for specific questions.


Brad Judy

Director of Information Security
University Information Systems
University of Colorado
1800 Grant Street, Suite 300
Denver, CO  80203
Office: (303) 860-4293
Fax: (303) 860-4302
www.cu.edu<http://www.cu.edu>

[cu-logo_fl]

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Thomas 
Skill
Sent: Tuesday, June 02, 2015 11:55 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Seeking insights on Two-factor Authentication roll-out from those who implemented at their campuses


Colleagues,

At the University of Dayton, we are in the active planning stages for the deployment of Two-Factor Authentication.  
We’re very interested in hearing from campuses that have deployed two-factor authentication on the following questions:

  1.  What provider did you select (Duo, Vasco, others)?
2.       Did you implement two-factor across all systems or just selected systems?
3.       If you are using a hosted email solution (such as Google Apps or Office 365), did you include that in your 
two-factor roll-out?
4.       Did you include all faculty and staff or just selected users?
5.       Did you include students or allow for “student opt-in?”
6.       For ongoing two-factor administration, what level of staffing has it required?
7.       Based on your roll-out experience, what key bit of advice might you offer to those of us considering this move?
My apologies for cross-posting this request - I shared this with the CIO list earlier with limited responses.   Valerie 
Vogel from Educause suggested that this list might be a better fit!


Thanks
Tom Skill


Thomas Skill, Ph.D.
Associate Provost & CIO
Professor of Communication
Office (937) 229-3511
Fax (937) 229-4044

eMail: skill () udayton edu<mailto:tskill1 () udayton edu>
Twitter: @skilltd<https://twitter.com/skilltd>
Linkedin: http://www.linkedin.com/in/skilltd

UDit
University of Dayton
300 College Park
Dayton, OH 45469-2230