You’ve probably been using multi-factor authentication without even realizing it. Over the past several years, it has been slowly making its way onto banking and credit card sites, and you can even add this extra layer of protection to most social media sites if you choose. For example, after entering your username and password to log in to your account, the site may generate an additional password or code that is sent to your email or cell phone that must be entered before you can finish logging in to the account. That’s multi-factor authentication.
At the same time, over the past few years, we’ve seen phishing and identity theft crimes increase in the higher education sector. At universities that were hit first, some employees who have been taken in by phishing emails have even had their pay checks rerouted away from their bank account to accounts controlled by cybercriminals. Word spread quickly among higher ed security experts, and by being aware and knowing what to look for we have so far been able to prevent similar results at Ohio State. However, we are planning to use multi-factor authentication to increase security, and took the first step in December when we signed a three-year contract with Duo.
“The Enterprise Security team saw a need to ramp up protection of both personal and university data in our systems,” says Helen Patton, Chief Information Security Officer. “Duo is an excellent fit for our security needs. Its application at other universities has been very successful, and it provides the added level of protection we’ve been seeking.”
This is the very first milestone in the project, and it was reached over a period of months after requesting proposals and reviewing the offerings of several vendors. The next step is rolling out multi-factor authentication in phases, with communication to users when systems they use will be affected. The project team is hard at work getting ready to implement Duo, first to pilot groups and eventually to the rest of the university.
Stay tuned for more updates on this project in the coming months. For more information about the project, please contact Project Manager Amber Buening.