ITS to roll out multifactor authentication

Information Technology Services (ITS) will be rolling out Multifactor Authentication (MFA) to students beginning this semester. The system will combat phishing by making it more difficult for online criminals to access SVSU accounts.

MFA is a multi-layered system for logging into accounts. It will require the user’s current sign-in credentials as well as one other authentication factor before permitting access to accounts.

Users will choose between downloading the app, receiving a text message, receiving a phone call or using an Oath Token to access their accounts. Those who have smartphones with fingerprint scanners will be able to authenticate using their ngerprint.

ITS initially began testing MFA with ITS staff in the summer of 2017. MFA was then rolled out to staff and adjuncts. A select group of students were also given the option to be a part of testing.

“I used the text message method that allowed me to text a code to access my SVSU materials,” said social work sophomore Paige Bagnall. “When I didn’t have my phone, I was able to use the safety questions method as well, which required me to answer two of the security questions I created when I originally set up the program.”

Current freshmen will begin setting up their methods of MFA this month. During

this spring and summer, MFA will be rolled out to faculty.

ITS is rolling out MFA in waves to allow people to work through it and address issues they may be having.

“We want to make sure we can give them proper support and a good experience,” said Deborah Roberts, a senior Instructional Technology Specialist.

Students will only be using MFA off-cam- pus. When students are on SVSU’s network, they will not need to authenticate to access their account.

“When you’re here on campus, we have a little bit more control because you’re on our internal network, so we can see the traffic and try to protect you better,” said Larry Emmons, the director of Technology and Support Services. “But when you’re at home, we don’t know what’s between them and us, so we can’t protect you as well. With MFA, we at least know when you’re trying to get to our systems, it’s you because you’ve answered your third factor.”

The my.svsu portal will only require MFA to be used once and will allow the user to move between different SVSU internet services without reauthenticating, as it does now. However, the system is browser independent. Meaning, if you use more than one browser at a given time, you will have to use MFA in both.

MFA will continue to be rolled out in waves until all users of University accounts are using it.

Reporting from Melissa Vennix, Reporter

Melissa Vennix
Latest posts by Melissa Vennix (see all)

Categories: Uncategorized

Tagged as: , , , ,

Leave a Reply