Re: Seeking insights on Two-factor Authentication roll-out from those who implemented at their campuses

["Dunker, Mary" <dunker () VT EDU>]

Tom,

Virginia Tech has not deployed a solution yet, but we have considered many of the same questions you list, so maybe it 
will be useful to share our thinking so far...

1.      What provider did you select (Duo, Vasco, others)?
Nothing purchased yet, but Duo looks like it will be the front runner for us.

2.      Did you implement two-factor across all systems or just selected systems? 
We will attempt to implement 2-factor across all systems. We are starting by requiring it for applications whose users 
authenticate with the our NetID via CAS. Next, we plan to include applications that use Windows Active Directory 
credentials. 

3.      If you are using a hosted email solution (such as Google Apps or Office 365), did you include that in your 
two-factor roll-out?
We use separate credentials for Google Apps, which already has two-step authentication, so Google Apps is not in scope. 
I think  Office 365 will be in scope.

4.      Did you include all faculty and staff or just selected users?
All, eventually, but we may start with a limited population.

5.      Did you include students or allow for “student opt-in?”
Students will be included, not likely optional.

6.      For ongoing two-factor administration, what level of staffing has it required?
To be determined.

7.      Based on your roll-out experience, what key bit of advice might you offer to those of us considering this move? 
To be determined.

We'll be interested in hearing from others as well!

Mary

-----------------------------------------------------------------
Mary Dunker
Director, Secure Enterprise Technology Initiatives
Virginia Tech Information Technology
1700 Pratt Drive
Blacksburg, VA 24060
540-231-9327
dunker () vt edu 
--------------------------------------------------------------------


-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Thomas 
Skill
Sent: Tuesday, June 02, 2015 1:55 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Seeking insights on Two-factor Authentication roll-out from those who implemented at their campuses


Colleagues,

 

At the University of Dayton, we are in the active planning stages for the deployment of Two-Factor Authentication.  
We’re very interested in hearing from campuses that have deployed two-factor authentication on the following questions:

1.      What provider did you select (Duo, Vasco, others)?
2.      Did you implement two-factor across all systems or just selected systems? 
3.      If you are using a hosted email solution (such as Google Apps or Office 365), did you include that in your 
two-factor roll-out?
4.      Did you include all faculty and staff or just selected users?
5.      Did you include students or allow for “student opt-in?”
6.      For ongoing two-factor administration, what level of staffing has it required?
7.      Based on your roll-out experience, what key bit of advice might you offer to those of us considering this move?

My apologies for cross-posting this request - I shared this with the CIO list earlier with limited responses.   Valerie 
Vogel from Educause suggested that this list might be a better fit! 
 


Thanks

Tom Skill







Thomas Skill, Ph.D.
Associate Provost & CIO 
Professor of Communication
Office (937) 229-3511
Fax (937) 229-4044

eMail: skill () udayton edu <mailto:tskill1 () udayton edu> 
Twitter: @skilltd <https://twitter.com/skilltd> 
Linkedin: http://www.linkedin.com/in/skilltd

UDit
University of Dayton
300 College Park 
Dayton, OH 45469-2230