Educause Security Discussion mailing list archives

Re: MFA Student Deployment Questions

From: Valerie Vogel <vvogel () EDUCAUSE EDU>
Date: Thu, 24 Jan 2019 16:33:22 +0000

Hi Stefan,

We just published a short paper on Two-Factor Authentication: Lessons Learned with input from several campuses. This 
may not directly address the questions listed below, but might have some useful information. Contributing 
authors/campuses are listed in the Acknowledgements section.

https://library.educause.edu/resources/2019/1/two-factor-authentication-lessons-learned

Thank you,
Valerie

Valerie Vogel
Interim Director, Cybersecurity Program

EDUCAUSE
Uncommon Thinking for the Common Good
direct: 202.331.5374 | Follow HEISC on 
LinkedIn<https://www.linkedin.com/showcase/higher-education-information-security-council-heisc-/> | twitter: 
@HEISCouncil | vvogel () educause edu<mailto:vvogel () educause edu>

From: Security Discussion Group List <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Stefan Wahe 
<0000009ffd3543ad-dmarc-request () LISTSERV EDUCAUSE EDU>
Reply-To: Security Discussion Group List <SECURITY () LISTSERV EDUCAUSE EDU>
Date: Wednesday, January 16, 2019 at 6:49 PM
To: Security Discussion Group List <SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] MFA Student Deployment Questions


We are trying to finalize our MFA student deployment plans.  We have received some interesting questions.  We are 
interested in how your campus managed student deployment (we are partway through our faculty/staff deployment).  I 
would appreciate a response to the following questions.


  1.  What methodology did you use to deploy MFA to students, incremental based on a variable or everyone at once?
  2.  Does your university provide students with hard tokens? If so, do the students have to pay for the token? How 
much?
  3.  How to you manage accessibility issues for students with disabilities?
  4.  How do you handle situations where students can not take a device into a proctored testing lab?  Did faculty have 
concerns about raising test anxiety for students? How were they addressed.
  5.  Are you handling student registration differently than faculty and staff?  Please provide the link to any public 
documentation describing student enrollment.

I appreciate your responses.

Sincerely – Stefan Wahe


*****************************
Stefan Wahe, CISSP
University of Wisconsin-Madison
Office of Cybersecurity
Deputy Chief Information Security Officer
HIPAA Security Officer
608-265-1177
[signature_767482743]

Current thread:

MFA Student Deployment Questions Stefan Wahe (Jan 16)
- Re: MFA Student Deployment Questions Edenfield, Alton (Jan 16)
  - Re: MFA Student Deployment Questions Giacobe, Nick (Jan 16)
- Re: MFA Student Deployment Questions Gregg, Christopher S. (Jan 16)
- Re: MFA Student Deployment Questions Telfer, Will (Jan 17)
- <Possible follow-ups>
- Re: MFA Student Deployment Questions Valerie Vogel (Jan 24)
  - Re: MFA Student Deployment Questions Brad Judy (Jan 24)
    - Re: MFA Student Deployment Questions Gregg, Christopher S. (Jan 24)