Re: Two factor authentication for Banner access

["Lunceford, Dan" <DLunceford () ADMIN NMT EDU>]

We are using RSA for banner access outside of our most restrictive (secure?)
zones.  This gets them access to the restricted zone and then they can login to
banner.

Inside those zones, they have direct access to the servers and can use normal
authentication.

If you wish more detail I may discuss it with you offline.

-drl


--
Dan Lunceford
Manager of Networking Services
New Mexico Tech
dan () nmt edu, 505-835-5961


Outside of dog, a book is Man's best friend.
  Inside a dog, it's too dark to read.  -- Groucho Marx


-----Original Message-----
From: Boaz Gelbord [mailto:GelbordB () NEWSCHOOL EDU]
Sent: Friday, January 26, 2007 8:14 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Two factor authentication for Banner access

Hi everyone,

How many of you are using two factor methods like RSA SecurID tokens to
control access by administrative workers to Banner information?  I am
concerned by the large number of employees (both full time and temporary
student staff) who have access to sensitive Banner data such as SSNs.
Using two factor authentication would allow us to better control their
access and would reduce the problems associated with password compromise
and sharing.

I would also be interested in hearing about institutions that use two
factor authentication to control access to other key resources, or that
have plans to do so in the future.

If you send me your responses off the list I can aggregate these and
send a summary to the group.

Thanks,

Boaz.

Boaz Gelbord
Manager of Information Security
The New School
55 West 13th Street NYC 10011
www.newschool.edu

Attachment: smime.p7s
Description: