Educause Security Discussion mailing list archives
Re: Deploying MFA
From: "Hamer, Christian" <christian_hamer () HARVARD EDU>
Date: Tue, 4 Jul 2017 13:58:24 +0000
Completely agree with your takeaways given our experience. It’s a user experience and communications project more than a technical one. We thought about targeting high-risk applications but once PeopleSoft was in scope, that was over half our population. We ultimately decided it was easier for everyone to be able to communicate consistently than to have some fragments of the population in scope and others out, given the size that was going to be in. I’ve attached a high level set of planning considerations that we developed looking at our deployment in retrospect in case it’s helpful. -Christian On 7/3/17, 1:12 PM, "The EDUCAUSE Security Constituent Group Listserv on behalf of Reyor, William F." <SECURITY () LISTSERV EDUCAUSE EDU on behalf of wreyor () FAIRFIELD EDU> wrote: We're getting prepared to roll out Duo here at Fairfield and are using the transition to a new ERP system as a way to boot strap the project and enroll everyone. We studied Yales deployment to benchmark against and found that the biggest challenge is often user communication and creating strategies to avoid user pushback. Thanks, Bill On Jul 3, 2017, at 1:05 PM, James Monek <jmm616 () LEHIGH EDU<mailto:jmm616 () LEHIGH EDU>> wrote: We are looking to deploy MFA at Lehigh University. I’m reaching out to find out how other universities approached this project. During the initial deployment, did you target specific data classifications, at risk systems or large services such as mail. Depending on your scope, was it opt-in or mandatory? How did you capture the second factor? Did you find you had to use different solutions for different applications/services? Jim -- James Monek Director, Technology Infrastructure & Operations Lehigh University - Library and Technology Services P: 610-758-5010 E: jamesmonek () lehigh edu<mailto:jamesmonek () lehigh edu> Follow Lehigh LTS at: Facebook: https://www.facebook.com/LehighLTS Twitter: https://twitter.com/lehighlts TIO Blog: https://wordpress.lehigh.edu/jmm616/
Attachment:
2FA Planning Considerations.docx
Description: 2FA Planning Considerations.docx
Current thread:
- Deploying MFA James Monek (Jul 03)
- Re: Deploying MFA Reyor, William F. (Jul 03)
- Re: Deploying MFA Davis, Kevin (Jul 03)
- Re: Deploying MFA Hamer, Christian (Jul 04)
- Re: Deploying MFA Joanna Grama (Jul 05)
- Re: Deploying MFA Reyor, William F. (Jul 03)