Educause Security Discussion mailing list archives
FW: MFA and SIS
From: Brian Kelly <bkelly () EDUCAUSE EDU>
Date: Thu, 12 Sep 2019 20:03:52 +0000
Cross posting from the CIO list. Great data from CDS provided by Leah. Further down you’ll find Bret’s initial ask, please feel free to reply to Bret if applicable. Brian Brian Kelly, CISSP, CISM, CEH Director, Cybersecurity Program EDUCAUSE Uncommon Thinking for the Common Good Follow HEISC on LinkedIn<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fshowcase%2Fhigher-education-information-security-council-heisc-%2F&data=02%7C01%7C%7C7197d41189e4414981ae08d69dc9670a%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C636869885680898966&sdata=%2FYvU%2BLTYHbPmcyL1AoksiKTSdMeFQ93qASFmTp8Emmo%3D&reserved=0> | Twitter: @HEISCouncil | bkelly () educause edu<mailto:bkelly () educause edu> direct: 720.406.6757 | mobile 475.449.6440 | educause.edu<http://www.educause.edu/> 1150 18th Street, NW, Suite 900 Washington, DC 20036 From: Leah Lang <llang () EDUCAUSE EDU> Date: Thursday, September 12, 2019 at 3:14 PM Subject: Re: MFA and SIS Hello! According to the 2018 EDUCAUSE Core Data Service (CDS), multifactor authentication was most commonly used for business-critical systems, followed by administrative access, followed by remote access to IT services. For all US institutions with a specified Carnegie Classification, use of MFA for student systems was in place at fewer than 10% of institutions. CDS 2018 and new CDS 2019 participating institutions have access to this information and more through the CDS Portal. Complete the CDS 2019 survey by November 1 to ensure your access to our rich source of higher education IT data. Visit www.educause.edu/coredata<http://www.educause.edu/coredata> to get started! [A screenshot of a cell phone Description automatically generated] Leah Lang Director of Analytics Services EDUCAUSE<http://www.educause.edu/> Uncommon Thinking for the Common Good direct: 303.939.0339 | main: 202.872.4200 | fax: 202.872.4318 | educause.edu<http://www.educause.edu/> Twitter: meahlarie Enhance decision making with the EDUCAUSE Core Data Service (CDS)<http://www.educause.edu/coredata> and EDUCAUSE Technology Research in the Academic Community (ETRAC)<http://www.educause.edu/etrac> - benchmarking data to inform IT planning. Become an EDUCAUSE Ambassador Program Details<https://www.educause.edu/about/discover-membership/educause-ambassador-program> – Connect colleagues with resources From: EDUCAUSE Listserv <CIO () LISTSERV EDUCAUSE EDU> on behalf of Brian Lesser <blesser () RYERSON CA> Reply-To: EDUCAUSE Listserv <CIO () LISTSERV EDUCAUSE EDU> Date: Monday, September 9, 2019 at 11:58 AM To: EDUCAUSE Listserv <CIO () LISTSERV EDUCAUSE EDU> Subject: Re: [CIO] MFA and SIS 1. Do you require MFA for access to your HR/Finance systems for employees and, if yes, does that include work-study? Yes, including all student employees. 2. Do you currently have any systems where you require MFA for students and, if yes, which ones? Yes, all online systems require MFA from all students with registrations after Aug 1 this year. Includes Library portal, LMS, Gmail/GSuite etc. 3. Do you have plans to have your students use MFA and, if yes, for which systems and on what timeline? All new students as of August 1, 2019 have to use MFA. In a few years all students will have to use it. This is for all online systems provided by central IT. Yours truly, Brian On Mon, Sep 9, 2019 at 11:26 AM Bret Ingerman <INGERMAB () tcc fl edu<mailto:INGERMAB () tcc fl edu>> wrote: Colleagues: A few years ago we started to require MFA for access to our Workday HR and Finance system using Microsoft’s MFA in Azure. This was to help increase our protection of employee payroll from phishing attempts. Now that we are on the cusp of putting students into Workday as a part of Workday Student, we are in a quandary about what to do about MFA. Should we require MFA for all students to gain access to Workday, or just find a way to have student employees (including work-study) still use MFA while exempting the rest of the students? So I wanted to ask you: 1. Do you require MFA for access to your HR/Finance systems for employees and, if yes, does that include work-study? 2. Do you currently have any systems where you require MFA for students and, if yes, which ones? 3. Do you have plans to have your students use MFA and, if yes, for which systems and on what timeline? —Bret Bret Ingerman Vice President for Information Technology Tallahassee Community College ingermab () tcc fl edu<mailto:ingermab () tcc fl edu> (850) 201-6082 444 Appleyard Drive Tallahassee, FL, 32304-2895 ***Due to Florida's very broad public records law, most written communications to or from Tallahassee Community College employees regarding College business are public records, available to the public and media upon request. Therefore, this email communication and your response may be subject to public disclosure.*** ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community -- ___________________________________________ Brian Lesser Chief Information Officer Ryerson University 350 Victoria St. Toronto, Ontario, Canada M5B 2K3 Phone: (416) 979-5000 ext. 556835 Office: LIB-B-99 Learn about cybersecurity at Ryerson: https://ryerson.ca/cybersecurity<https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fryerson.ca%2Fcybersecurity&data=02%7C01%7C%7Ce081bdd198cf4f3a083908d7353e8049%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C637036414875493354&sdata=coW28vXVmXUgxLFhoa3uQxIDEiSmqGLL2F9mrrKexok%3D&reserved=0> Toronto is in the 'Dish With One Spoon Territory’. The Dish With One Spoon is a treaty between the Anishinaabe, Mississaugas and Haudenosaunee that bound them to share the territory and protect the land. Subsequent Indigenous Nations and peoples, Europeans and all newcomers have been invited into this treaty in the spirit of peace, friendship and respect. http://www.ryerson.ca/aec/<https://nam03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.ryerson.ca%2Faec%2F&data=02%7C01%7C%7Ce081bdd198cf4f3a083908d7353e8049%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C637036414875493354&sdata=wF%2FqxsZRC8pztL5OJ3PCdJKyyUyU4Sih4ojaadZBczw%3D&reserved=0> Notice of Confidentiality: This e-mail message including any attachments is intended for the use of the addressee and may contain privileged, confidential or personal information. If you are not the intended recipient, please be advised that you are strictly prohibited from using, disclosing, distributing or reproducing this email or the information contained within. If you have received this email in error, please notify the sender immediately by return e-mail and destroy the original message and any copies. ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- FW: MFA and SIS Brian Kelly (Sep 12)