Re: MFA Deployment Questions

[Gael Frouin <gfrouin () BERKLEE EDU>]

Hello,

We would be interested with similar information.
I started compiling some public information found on other institutions
websites regarding their 2FA roll-out, policy and solutions to compare to
the current plan we have.

Thank you,

Gaël Frouin
Berklee
Information Security Officer
On Thu, Oct 26, 2017 at 2:23 AM Tim Lane <tim.lane () griffith edu au> wrote:

> Hi Cybersecurity Members,
>
> we are reviewing approaches to MFA and would appreciate responses on the
> below questions:
>
> (1) If you have an MFA deployment, is this just for staff, or only for
> students or for both?  What about Alumni?
>
> (2) What were the main business/technical drivers surrounding the decision
> on the above deployment?
>
> (3) What systems based scope was MFA implemented for: i.e.
>
>    - Only for key identified apps (example email etc)
>    - VPN
>    - Privileged Access (Admin roles)
>    - Identity federation and SSO, LDAP etc
>    - Access to on Prem web apps/cloud apps
>    - Remote Desktop
>    - Other
>
> (4) What MFA solution do you use?
>
> (5) Preferred auth factor style for best UX?
>
> Thanks in advance,
>
> Regards,
>
> Tim
>
>
> *Tim Lane| Cybersecurity Projects Manager*
>
> *Office of Digital Solutions*
> *Griffith University* *| Nathan Campus | QLD 4111 | Building location N12
> Room - 1.02J*
> *T +61 7 3735 7838 | email **tim.lane () griffith edu au
> <tim.lane () griffith edu au>*
>
>
> *Cybersecurity is Everyone's Responsibility!  *
> https://www.griffith.edu.au/cybersecurity
>
>
>
> PRIVILEGED - PRIVATE AND CONFIDENTIAL
>
> This email and any files transmitted with it are intended solely for the
> use of the addressee(s) and may contain information which is confidential
> or privileged.  If you receive this email and you are not the addressee or
> responsible for delivery of the email to the addressee(s), please disregard
> the contents of the email, delete the mail and notify the author
> immediately.