Educause Security Discussion mailing list archives
Re: 2 factor authentication
From: Chad Tracy <ctracy () BATES EDU>
Date: Fri, 7 Jun 2019 22:20:12 -0400
I wanted to follow that logic when we deployed Duo across our campus, just do it across the board... it didn’t turn out that way in the end. We opted not to include some folks in dining and events - folks who work per diem or on call. The reason being was that the turnover for those folks was so great and many of them didn’t have smartphones which would have caused those folks to use a fob... which probably would end up never being returned. On Fri, Jun 7, 2019 at 10:14 PM Brian Epstein <bepstein () ias edu> wrote:
For everyone that has a smartphone, we will user it for the verification portion. For the edge cases, we will have to come up with something else. We are looking at implementing it everywhere we can over the next 12-24 months. I heard a great talk on this at the Educause Security 19 conference. The discussion was around implementing it everywhere that is possible so you don't have to manage which service/role warrants MFA. That really spoke to me as the management and decision making process can be daunting. If you decide to use it everywhere, though, the only thing you have to manage is your users, who will be getting used to it anyway. Might not be suitable for all organizations, but it makes a lot of sense to me. Thanks, Brian -- Brian Epstein <bepstein () ias edu> +1 609-734-8179 Manager, Network and Security Institute for Advanced Study Key fingerprint = A6F3 9F5A 26C5 5847 79ED C34C C0E5 244A 55CA 2B78 On Fri, Jun 7, 2019, 16:42 Brian Clark <brian.clark () caspercollege edu> wrote:Hi Brian, Are you going to use Duo push for everyone on campus? On Fri, Jun 7, 2019 at 2:33 PM Brian Epstein <bepstein () ias edu> wrote:We are going to start using Duo push to verify user identities over the phone. Except, of course, when the issue is with Duo Security. We are still trying to figure that one out. :) Thanks, ep On 6/7/19 2:45 PM, Jenny Blaine wrote:Yes. We have it in front of Shibboleth auth. Duo is our provider. It has been opt-in for gmail and other non-Enterprise solutions. However, we are going to make it obligatory for everyone, students & staff, beginning November 1, 2019. Hope this helps! Jenny B. On Fri, Jun 7, 2019 at 12:36 PM Brian Clark <brian.clark () caspercollege edu> wrote:Is anyone using 2F for anything other than remote services or systems? -- Brian Clark Systems Programmer Casper College 125 College Drive<https://www.google.com/maps/search/125+College+Drive+%0D%0A+Casper+WY+82601?entry=gmail&source=g> <https://www.google.com/maps/search/125+College+Drive+%0D%0A+Casper+WY+82601?entry=gmail&source=g>>> Casper WY 82601 <https://www.google.com/maps/search/125+College+Drive+%0D%0A+Casper+WY+82601?entry=gmail&source=g>brian.clark () caspercollege edu-- Brian Epstein <bepstein () ias edu> +1 609-734-8179 Manager, Network and Security Institute for Advanced Study Key fingerprint = A6F3 9F5A 26C5 5847 79ED C34C C0E5 244A 55CA 2B78 --Brian Clark Systems Programmer Casper College 125 College Drive <https://www.google.com/maps/search/125+College+Drive+Casper+WY+82601?entry=gmail&source=g> Casper WY 82601 <https://www.google.com/maps/search/125+College+Drive+Casper+WY+82601?entry=gmail&source=g> brian.clark () caspercollege edu--
Chad Tracy Director of Information Security, Policy and Compliance Bates College 207 786-6491
Current thread:
- 2 factor authentication Brian Clark (Jun 07)
- Re: 2 factor authentication Jenny Blaine (Jun 07)
- Re: 2 factor authentication Brian Clark (Jun 07)
- Re: 2 factor authentication Brian Epstein (Jun 07)
- Re: 2 factor authentication Brian Clark (Jun 07)
- Re: 2 factor authentication Brian Epstein (Jun 07)
- Re: 2 factor authentication Chad Tracy (Jun 07)
- Re: 2 factor authentication King, Ronald A. (Jun 11)
- Re: 2 factor authentication Cavender, Terry L (Jun 11)
- Re: 2 factor authentication Gonzalez, Joshua (Jun 11)
- Re: [External] Re: [SECURITY] 2 factor authentication Gregg, Christopher S. (Jun 11)
- Re: 2 factor authentication Jenny Blaine (Jun 07)
- Re: 2 factor authentication Ben Marsden (Jun 07)
- Message not available
- Re: 2 factor authentication Windham, Gary D - (windhamg) (Jun 07)
- Re: 2 factor authentication Odi Iancu (Jun 12)
- Re: 2 factor authentication Alexandre Adao (Jun 14)