Re: 2 factor authentication

["King, Ronald A." <raking () NSU EDU>]

This is a great thread as we are beginning our testing of Duo for deployment over the next year. Questions though: Is 
anyone using id for wireless/RADIUS authentication?

Thanks,
Ron

Ronald King
Chief Information Security Officer

Office of Information Technology
(757) 823-2916 (Office)
raking () nsu edu<mailto:raking () nsu edu>
www.nsu.edu<http://www.nsu.edu/>
@NSUCISO (Twitter)
[NSU_logo_horiz_tag_4c - Smaller]

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Brian Epstein
Sent: Friday, June 7, 2019 10:15 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] 2 factor authentication

For everyone that has a smartphone, we will user it for the verification portion.  For the edge cases, we will have to 
come up with something else.  We are looking at implementing it everywhere we can over the next 12-24 months.  I heard 
a great talk on this at the Educause Security 19 conference.  The discussion was around implementing it everywhere that 
is possible so you don't have to manage which service/role warrants MFA.  That really spoke to me as the management and 
decision making process can be daunting.  If you decide to use it everywhere, though, the only thing you have to manage 
is your users, who will be getting used to it anyway.  Might not be suitable for all organizations, but it makes a lot 
of sense to me.

Thanks,
Brian
--
Brian Epstein <bepstein () ias edu<mailto:bepstein () ias edu>>                     +1 609-734-8179
Manager, Network and Security           Institute for Advanced Study
Key fingerprint = A6F3 9F5A 26C5 5847 79ED  C34C C0E5 244A 55CA 2B78

On Fri, Jun 7, 2019, 16:42 Brian Clark <brian.clark () caspercollege edu<mailto:brian.clark () caspercollege edu>> 
wrote:
Hi Brian,

Are you going to use Duo push for everyone on campus?

On Fri, Jun 7, 2019 at 2:33 PM Brian Epstein <bepstein () ias edu<mailto:bepstein () ias edu>> wrote:
We are going to start using Duo push to verify user identities over the
phone.  Except, of course, when the issue is with Duo Security.  We are
still trying to figure that one out. :)

Thanks,
ep

On 6/7/19 2:45 PM, Jenny Blaine wrote:
> Yes. We have it in front of Shibboleth auth. Duo is our provider. It
> has been opt-in for gmail and other non-Enterprise solutions. However,
> we are going to make it obligatory for everyone, students & staff,
> beginning November 1, 2019.
>
> Hope this helps!
>
> Jenny B.
>
> On Fri, Jun 7, 2019 at 12:36 PM Brian Clark
> <brian.clark () caspercollege edu<mailto:brian.clark () caspercollege edu>> wrote:
> > Is anyone using 2F for anything other than remote services or systems?
> > --
> > Brian Clark
> > Systems Programmer
> > Casper College
> > 125 College Drive
> > Casper WY 82601
> > brian.clark () caspercollege edu<mailto:brian.clark () caspercollege edu>



--
Brian Epstein <bepstein () ias edu<mailto:bepstein () ias edu>>                     +1 609-734-8179
Manager, Network and Security           Institute for Advanced Study
Key fingerprint = A6F3 9F5A 26C5 5847 79ED  C34C C0E5 244A 55CA 2B78
--
Brian Clark
Systems Programmer
Casper College
125 College Drive
Casper WY 82601
brian.clark () caspercollege edu<mailto:brian.clark () caspercollege edu>