Re: MFA/2FA Implementation Questions

["Barton, Robert W." <bartonrt () LEWISU EDU>]

ON THE EXCEPTIONS -

We were looking to go across the employees, board members and faculty.  All of these areas have access to documents 
that must follow our handling procedures, and thus have access to more than a student or public.

Robert W. Barton
Executive Director of Information Security and Policy
Lewis University
One University Parkway
Romeoville, IL  60446-2200
815-836-5663

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Pardonek, Jim
Sent: Tuesday, February 4, 2020 9:26 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] MFA/2FA Implementation Questions

Hi All,

Our MFA project has hit a few snags and our senior leadership is asking us to gather more information from other 
schools to identify and potential issues.

Rather than Duo, the university opted for Microsoft and although mostly smooth so far, we still have some nagging 
problems that keep coming up.

One that has come up as of late is modern auth support for android email.  Seems like 3 months ago, the answer for 
anyone with an android was install the Outlook client.  What we have been finding is that Samsung phones, for example, 
S7 or later that have a minimum email client version of 6.1.01.0 work with modern auth.  Given the rabbit hole that 
androids can make. We are now being asked to test as many makes, models and versions of android phone that we can get 
our hands on.  If anyone has done this research, we would appreciate any insight.

I've asked this on a previous post but got no responses but thought I'd ask again regarding exception groups.  Our 
current stance is to except Board members, Council of Regents and alumni. We would be interested in seeing what other 
schools are doing.

Lastly if you would be kind enough to share any pitfalls, constraints and roadblock as well as implementation 
recommendations, we would greatly appreciate it.

Thanks in advance.


James Pardonek, MS, CISSP, CEH, GSNA
Associate Director
Chief Information Security Officer
Loyola University Chicago
1032 W. Sheridan Road | Chicago, IL  60660

*: (773) 508-6086

Loyola University Chicago will never ask you for your username or password.
For the latest information security news at Loyola, please follow us online,
Twitter: @LUCUISO
Facebook: https://www.facebook.com/lucuiso/
Our Blog http://blogs.luc.edu/uiso/


**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community