Re: Two-factor Authentication

[Drew Perry <aperry () MURRAYSTATE EDU>]

We are in the process of implementing Google Authenticator for 2-factor
authentication in both SSH and VDI authentication. A big reason for
choosing Google was, as a Google Apps for Education user, we were already
using it for email auth. And secondly, it's free. That being said we have
not finished implementation, so I may have more thoughts at week's end.

Sent from my phone.

Drew Perry
Security Analyst
Murray State University
(270) 809-4414
aperry () murraystate edu
On Jan 15, 2013 4:54 PM, "JR Ramirez" <jrramirez30 () gmail com> wrote:

> We currently use SafeNet SafeWord to provide stand-alone RADIUS
> authentication for our PCI environment (we are planning to integrate with
> our AD).  We currently use Citrix as the front-end web piece; our Network
> Team also tie in their PCI network devices.  SafeNet is in the top quadrant
> on the Gartner scale and works fairly well for us -- they have soft token
> apps for Blackberry and iPhone (not sure about Android).
>
> JR
>
>
> On Tue, Jan 15, 2013 at 3:25 PM, Wright, A J (A. J.) <ajw () tennessee edu>wrote:
>
> >  Obviously, we first prioritized moving our SAQ-D systems to less risky
> > processes that don’t require MFA.****
> >
> > ** **
> >
> > For the ones that were left, we’ve used Duo Security’s MFA solution.  It
> > has been pretty painless: inexpensive, easy to manage, and it does what it
> > says on the tin.  I like it enough that we’re considering implementing it
> > elsewhere. ****
> >
> > ** **
> >
> > Countdown to the Duo sales call …****
> >
> > ajw****
> >
> > --****
> >
> > *A. J. Wright
> > *Chief Information Security Officer****
> >
> > ** **
> >
> > University of Tennessee – System Administration
> > 2309 Kingston Pike, Suite 131C
> > Knoxville, TN  37996-1717
> > Phone:  865-974-0637****
> >
> > Email: ajw () tennessee edu****
> >
> > ** **
> >
> > *From:* The EDUCAUSE Security Constituent Group Listserv [mailto:
> > SECURITY () LISTSERV EDUCAUSE EDU] *On Behalf Of *McClenon, Brady
> > *Sent:* Tuesday, January 15, 2013 1:42 PM
> > *To:* SECURITY () LISTSERV EDUCAUSE EDU
> > *Subject:* [SECURITY] Two-factor Authentication****
> >
> > ** **
> >
> > I’m wondering if anyone is willing to share what methods/products their
> > institution is using to facilitate two-factor authentication for PCI-DSS
> > compliance, or I suppose even if your usage has nothing to do with PCI.**
> > **
> >
> > ** **
> >
> > Brady McClenon****
> >
> > Senior Server Administrator****
> >
> > Applications Research & Development****
> >
> > Information Technology Services****
> >
> > SUNY College at Oneonta****
> >
> > 607-436-3203****
> >
> > ** **
> >
> > “Quotes found on the internet are not always accurate.”  - Abraham Lincoln
> > ****
> >
> > ** **
> >
> > ** **