1 of 26

MFA is Coming Your Way!

Nicole Decker

Sean Moriarty

Campus Technology Advisory Board

February 11, 2022

Introducing Multi-Factor Authentication @ SUNY Oswego

2 of 26

Agenda

  • What is MFA?
  • Why are we implementing?
  • Systems involved
  • What is the path ahead
  • Demo of MFA @ Oswego
  • How you can turn on MFA now

3 of 26

Multi-Factor Authentication

Two-Step Login adds an extra layer of security to your Lakernet ID and password by requiring:

  • something you know (your NetID and your password), plus
  • something you have (a physical device, like your phone)

4 of 26

Why Implement MFA?

  • The risks are far greater than they were in the past
  • SUNY schools are under attack (there have been several attacks in 2021 at SUNY schools)
  • MFA reduces identity theft and deters hackers
  • People expect us to protect their information with the latest tools

5 of 26

Why? (cont’d)

  • We have personally Identifiable Information in our systems
  • The cost of a hack will be high
  • Want to balance the security of our systems with doing the business of the University…
  • We will be going through great technical change this year
    • MFA
    • New DLE (D2L)

6 of 26

Systems involved

  • All those that utilize Microsoft Azure login, at this point:
    • Blackboard O365
    • Zoom Adobe CC
    • Spectrum U EZProxy
    • Administrative Banner
  • Because of the importance in the data in Banner, that will be moving to Azure login as well (February 21)

7 of 26

Second Factor Options

  • Mobile Phone Options
    • Authenticator app approval
    • Authenticator app code
    • a texted code to your phone
  • Non-mobile phone options
    • Call to your office phone
    • An extension added to Chrome browser to approve

8 of 26

Path Ahead

  • All Applications that use the M/S Azure login will use MFA
  • Banner moves to Azure- Feb 21
  • Timeline
    • Opt-in starting March 14
    • Default for employees April 4
    • Residential students - April 11
    • Non-residential - April 18
  • SUNY Federation Login will be moved to Azure- June 13 16
    • will affect login to SUNY systems such as HR, Degreeworks, Finance, BI, etc.

9 of 26

Balancing Security v Ease of Use

  • Concerned about classroom ease of use
    • Classroom podiums (Windows devices) will not require MFA, authentication will remain password only

10 of 26

User Experience - Blackboard

11 of 26

User Experience - Blackboard

12 of 26

User Experience - Blackboard

13 of 26

MFA Setup Demo

14 of 26

15 of 26

Questions??

Comments??

61210600412983

16 of 26

17 of 26

18 of 26

19 of 26

20 of 26

21 of 26

22 of 26

23 of 26

24 of 26

misc items

The link to utilize:

https://aka.ms/mfasetup

25 of 26

What is MFA (or 2FA)?

Electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism:

    • knowledge (something only the user knows),
    • possession (something only the user has), and inherence (something only the user is).
    • MFA protects user data—which may include personal identification or financial assets from being accessed by an unauthorised third party that may have been able to discover, for example, a single password.

https://en.wikipedia.org/wiki/Multi-factor_authentication

26 of 26

The Authenticator

App

  • Authenticator App does not contain or preserve any personal information
  • Simply a code generator