Educause Security Discussion mailing list archives

Re: [External] Re: [SECURITY] Multifactor on campus

From: "Gregg, Christopher S." <csgregg () STTHOMAS EDU>
Date: Fri, 3 Jan 2020 17:15:31 +0000

Our MFA strategy is somewhat dependent on the system in the we only require MFA for Office365 from off-campus, and 
everywhere for most other systems.  For systems covered by MFA we enforce as follows:

Students:   Yes
Faculty = Yes
Staff = Yes
Alumni = Alumni currently only have access to Banner Self-Service w/o MFA, but we are hoping to sunset that access in 
2020.
Emeritus = Yes - treated just like faculty in almost every way
Guests = No (but the only access they really get is wireless.  Anyone not listed above but needing more access goes 
into the next category).
Contractors/Volunteers/Interns/Visiting Scholars, etc = Yes

Thanks,

Chris


Chris Gregg
Associate Vice President of Information Security & Risk Management, CISO
Innovation & Technology Services (ITS)
csgregg () stthomas edu<mailto:csgregg () stthomas edu>
p 1 (651) 962-6265
University of St. Thomas | stthomas.edu<https://www.stthomas.edu/>




From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Pardonek, Jim
Sent: Friday, January 3, 2020 10:59 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [External] Re: [SECURITY] Multifactor on campus

Not to hijack this thread but could we include Alumni, retirees and emeriti (if you let them continue to use university 
email)

Students  Yes as of 5/1/2020
Faculty = Yes as of 5/1/2020
Staff = Yes as of 5/1/2020
Alumni = No if they opt in for email for life
Emeritus = Yes if they have access to more resources than email.
Guests = No


James Pardonek, MS, CISSP, CEH, GSNA
Information Security Officer
Loyola University Chicago
1032 W. Sheridan Road | Chicago, IL  60660

*: (773) 508-6086

Loyola University Chicago will never ask you for your username or password.
For the latest information security news at Loyola, please follow us online,
Twitter: @LUCUISO
Facebook: 
https://www.facebook.com/lucuiso/<https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.facebook.com%2Flucuiso%2F&data=02%7C01%7Ccsgregg%40STTHOMAS.EDU%7C65020afb491b47518abb08d7906e4a84%7Ca081ff79318c45ec95f338ebc2801472%7C1%7C0%7C637136675684366228&sdata=tQ6EaTFkEL9PrXfQs693rrZvG88DJKUbaDa9n3jbKQQ%3D&reserved=0>
Our Blog http://blogs.luc.edu/uiso/

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV 
EDUCAUSE EDU>> On Behalf Of Telfer, Will
Sent: Friday, January 3, 2020 10:55 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: Re: [SECURITY] Multifactor on campus

We have implemented multifactor on over 60 services used by faculty, staff, & students.

Students  Yes
Faculty = Yes
Staff = Yes
Guests = It depends (for the most part guests are either sponsored for wireless access by a current faculty/staff 
member or in the instance of consultants they are treated like a faculty/staff member so they are required to Duo into 
services)

Thank You,
Will Telfer, M.S.
Information Security Analyst
Information Technology Services

Follow BaylorITS & look for the #BearAware:
Twitter: @BaylorITS
Facebook: facebook.com/BaylorITS
Website: baylor.edu/BearAware

[BU_e-signature]

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV 
EDUCAUSE EDU>> On Behalf Of Kimmitt, Jonathan
Sent: Friday, January 3, 2020 10:48 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] Multifactor on campus

Hi all,

I wanted to do a quick unofficial poll for who utilizes multifactor on campus.....  Any responses for or against are 
welcome!

Do you use multifactor for:

Students  Yes/No
Faculty = Yes/No
Staff = Yes/No
Guests = Yes/No

We have deployed Microsoft MFA for users who have access to our ERP, but are looking to expand to all employees and for 
more services.  Several Universities around the area have gone full MFA for all users.

Thanks all!

-Jonathan


~
Jonathan Kimmitt
CISSP, PCIP, CEH, CIPM, GPEN, CIPT, CIPP/E
Chief Information Security Officer
Information Technology
The University of Tulsa
918.631.2743
jonathan-kimmitt () utulsa edu<mailto:jonathan-kimmitt () utulsa edu>




**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community<https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=02%7C01%7Ccsgregg%40STTHOMAS.EDU%7C65020afb491b47518abb08d7906e4a84%7Ca081ff79318c45ec95f338ebc2801472%7C1%7C0%7C637136675684366228&sdata=YaKGXSlmD1HDbZpZ6ykUmYg0nyOdyViWICAk0xD6Hys%3D&reserved=0>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community<https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=02%7C01%7Ccsgregg%40STTHOMAS.EDU%7C65020afb491b47518abb08d7906e4a84%7Ca081ff79318c45ec95f338ebc2801472%7C1%7C0%7C637136675684376216&sdata=r4H2XFeBVMYJTEhQmVwp7dxcX22QROuAjqyPmaG3taA%3D&reserved=0>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community<https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=02%7C01%7Ccsgregg%40STTHOMAS.EDU%7C65020afb491b47518abb08d7906e4a84%7Ca081ff79318c45ec95f338ebc2801472%7C1%7C0%7C637136675684376216&sdata=r4H2XFeBVMYJTEhQmVwp7dxcX22QROuAjqyPmaG3taA%3D&reserved=0>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Current thread:

Multifactor on campus Kimmitt, Jonathan (Jan 03)
- Re: Multifactor on campus Banks, Teresa E - (tbanks) (Jan 03)
- Re: Multifactor on campus Thomas Skill (Jan 03)
- Re: Multifactor on campus Telfer, Will (Jan 03)
  - Re: Multifactor on campus Pardonek, Jim (Jan 03)
    - Re: Multifactor on campus Kimmitt, Jonathan (Jan 03)
    - Re: Multifactor on campus Miller, Richard H. (Jan 08)
    - Re: [External] Re: [SECURITY] Multifactor on campus Gregg, Christopher S. (Jan 03)
- Re: Multifactor on campus Greg Williams (Jan 03)
- Re: Multifactor on campus Grimes, Greg (Jan 03)
- Re: Multifactor on campus Foss, Henry L. (Jan 03)
  - Re: Multifactor on campus Ben Marsden (Jan 03)
- Re: Multifactor on campus Snook, Allen (Jan 03)
- Re: Multifactor on campus Seth Rogers (Jan 03)
  - Re: Multifactor on campus Schnitzer, Lawrence (Jan 03)
- Re: Multifactor on campus Mohamed Elhindi (Jan 04)
- Re: Multifactor on campus Joanna Grama (Jan 04)
- Re: Multifactor on campus Koppel, Lorna (Jan 06)

(Thread continues...)