Educause Security Discussion mailing list archives

Re: Deploying MFA

From: "Hamer, Christian" <christian_hamer () HARVARD EDU>
Date: Tue, 4 Jul 2017 13:58:24 +0000

Completely agree with your takeaways given our experience. It’s a user experience and communications project more than
a technical one. We thought about targeting high-risk applications but once PeopleSoft was in scope, that was over
half our population. We ultimately decided it was easier for everyone to be able to communicate consistently than to
have some fragments of the population in scope and others out, given the size that was going to be in. I’ve attached a
high level set of planning considerations that we developed looking at our deployment in retrospect in case it’s
helpful.

-Christian

On 7/3/17, 1:12 PM, "The EDUCAUSE Security Constituent Group Listserv on behalf of Reyor, William F." <SECURITY ()
LISTSERV EDUCAUSE EDU on behalf of wreyor () FAIRFIELD EDU> wrote:

We're getting prepared to roll out Duo here at Fairfield and are using the transition to a new ERP system as a way
to boot strap the project and enroll everyone. We studied Yales deployment to benchmark against and found that the
biggest challenge is often user communication and creating strategies to avoid user pushback.

Thanks,
Bill

On Jul 3, 2017, at 1:05 PM, James Monek <jmm616 () LEHIGH EDU<mailto:jmm616 () LEHIGH EDU>> wrote:

We are looking to deploy MFA at Lehigh University. I’m reaching out to find out how other universities approached
this project. During the initial deployment, did you target specific data classifications, at risk systems or large
services such as mail. Depending on your scope, was it opt-in or mandatory? How did you capture the second factor? Did
you find you had to use different solutions for different applications/services?

Jim

--
James Monek
Director, Technology Infrastructure & Operations
Lehigh University - Library and Technology Services
P: 610-758-5010
E: jamesmonek () lehigh edu<mailto:jamesmonek () lehigh edu>

Follow Lehigh LTS at:
Facebook: https://www.facebook.com/LehighLTS
Twitter: https://twitter.com/lehighlts

TIO Blog: https://wordpress.lehigh.edu/jmm616/

Attachment: 2FA Planning Considerations.docx
Description: 2FA Planning Considerations.docx

Current thread:

Deploying MFA James Monek (Jul 03)
- Re: Deploying MFA Reyor, William F. (Jul 03)
  - Re: Deploying MFA Davis, Kevin (Jul 03)
  - Re: Deploying MFA Hamer, Christian (Jul 04)
- Re: Deploying MFA Joanna Grama (Jul 05)