Educause Security Discussion mailing list archives
Re: Protecting workstations with Duo
From: Rich Graves <rgraves () CARLETON EDU>
Date: Wed, 7 Jun 2017 13:31:18 -0500
The nice thing about many of the typical Duo factors is that they are slightly less likely to be stolen or left unattended than a Yubikey or smartcard. Of course, if you allow voice call to your desktop phone as a backup factor, which is something that we actually recommend to most people for pretty good reasons, that's not going to protect your desktop computer. Regardless, make sure the security/usability ratio is meaningfully positive. On Wed, Jun 7, 2017 at 1:24 PM, randy <marchany () vt edu> wrote:
I use Yubikey as my standalone 2nd factor (no duo). I have it tied to my local accounts on my laptops (standalone). THe yubico setup is pretty straightforward to set up. -r. On Wed, Jun 7, 2017 at 1:23 PM, Emily Harris <emharris () vassar edu> wrote:I'm curious if anyone has deployed (or is thinking of deploying) MFA on their workstation logins via Duo. It looks like it can be done, but it isn't very straight-forward. It requires a local workstation client, and to manage the users via Group policy. Our goal is to require MFA for admin accounts only (for now). I'm wondering if anyone has already deployed this. Thanks! ---- Emily Harris, CISSP Information Security Officer, CIS Vassar College 845-437-7221 <(845)%20437-7221>
Current thread:
- Protecting workstations with Duo Emily Harris (Jun 07)
- Re: Protecting workstations with Duo Frank Barton (Jun 07)
- Re: Protecting workstations with Duo Greg Williams (Jun 07)
- Re: Protecting workstations with Duo randy (Jun 07)
- Re: Protecting workstations with Duo Rich Graves (Jun 07)
- Re: Protecting workstations with Duo Scantlin, Aaron J. (Jun 07)
- Re: Protecting workstations with Duo Emily Harris (Jun 07)
- Re: Protecting workstations with Duo Rich Graves (Jun 07)
- Re: Protecting workstations with Duo Rich Graves (Jun 09)