Two Factor Authentication rollout strategy?

[Peter Farrell <pfarrell () LOYOLA EDU>]

Hi everyone!  We're looking to implement two-factor authentication using Duo over the next academic year.  I was hoping 
to get some advice from folks who have already implemented it on a wide-scale basis.  We're planning to put it in front 
of our remote access tool (VMware Workspace One/Horizon) and enterprise systems, for all staff/admin/faculty.  We are 
not currently licensed for students at this time.

Here are  some questions we have to help learn what worked and what did not?


*       What was your rollout strategy?  Did you roll out department by department, or allow people to self-enroll any 
time before a deadline when it became mandatory?

*       What are authentication methods? (phone, tokens, etc)

*       Who did you roll it out to (students/faculty/employees)

*       What systems are you protecting with 2FA?  Required / optional?

*       Who was the sponsor?  (administration, tech services, etc.)  Did you have high level backing?

*       How long was your rollout?

*       How did you communicate to your constituents about the new requirement?

*       How to handle pushback (ie: people not wanting to install an app on their personal phones, etc)

*       Any other suggestions or gotchas?

Thanks in advance for any help you can provide!

//pete

Peter Farrell
Assistant Director of Operations, Client Services
[cid:3336979044_13522879]
Loyola University Maryland
4501 North Charles Street
Baltimore, MD 21210

410-617-5528
pfarrell () loyola edu<mailto:pfarrell () loyola edu>

www.loyola.edu<http://www.loyola.edu/>

[facebook]<http://www.facebook.com/LoyolaMaryland>[twitter]<http://www.twitter.com/LoyolaMaryland>[Description: 
Description: cid:image004.gif@01CC0FE3.890D8820]<http://www.youtube.com/LoyolaMaryland>

Security Alert: Loyola Technology Services will never ask for your password.  Please do not share it with others.