Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

QuickLaunch + YubiKeys?

From: AIS <ais () REINHARDT EDU>
Date: Thu, 14 Mar 2019 13:32:08 +0000
We are looking at rolling out QuickLaunch + YubiKeys for an additional multi-factor method yet?
http://www.quicklaunchsso.com/security-key-by-yubico.html

Has anyone done this yet? If so, I would love to get your input on:

  1.  Are you deploying QuickLaunch for SSO/IDP + MFA?
  2.  Are you considering providing YubiKeys to staff? and students also?
  3.  If you are rolling these out to students, how are you (re)covering the cost for the keys?
  4.  Which key types are you using:
     *   YubiKey 5 NFC
     *   YubiKey 5 Nano
     *   YubiKey 5C
     *   YubiKey 5C Nano
     *   Security Key by Yubico
  5.  Are you deploying QuickLaunch for HR/SIS to Active Directory automated user provisioning?


From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Linc Nesheim
Sent: Monday, March 11, 2019 11:10 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Secure Web Directory?

Various changes have been made to our public directory over the years.   Most of those were attempts to thwart the 
scraping of contact information -- throttling, limit number of results, requiring extra clicks, etc.  Some were 
effective for short periods after implementation, but none for very long.

We currently have a memo/proposal going through internal channels recommending we remove the universal public directory 
altogether.  Any department or group that wants contact information available via unauthenticated methods is free to 
post it on their self-managed sites.  Our full directory still being searchable behind our portal for internal, 
authenticated users.

As a side note, I participated in a focus-group a couple of years ago where we learned the surprisingly-common behavior 
of how folks search for information -- go to Google.com and search for institution name + search term was used more 
often than going to a particular site and using the site's internal search mechanism.  This suggests the intended 
audience for these public directories may not actually be the most active users.  :-/

Linc

-

Linc Nesheim
Information Security Officer
Whitman College
509-527-5852


On Fri, Mar 8, 2019 at 5:21 PM Fisch, Neal <Neal.Fisch () csuci edu<mailto:Neal.Fisch () csuci edu>> wrote:
Good afternoon all,

In an attempt to cut down on the amount email phishing we receive we’re interested in see if any universities are 
protecting (or considering to protect) their outward facing web directories, or if they have any other solutions 
against directory scraping that have been useful.

Thanks all and have a great weekend!

Neal

Neal Fisch
Director, Enterprise Services and Security
Information Security Officer

California State University Channel Islands
One University Drive / Camarillo CA 93012
Email:  neal.fisch () csuci edu<mailto:neal.fisch () csuci edu>

[Channel-Your-Potential-Email-Footer]

Previous By Date Next
Previous By Thread Next

Current thread: