Multi-Factor Authentication

Multi-Factor Authentication

Multi-factor Authentication (MFA) enhances security by adding a layer of protection to the authentication process. 

Description

Multi-factor Authentication (MFA) requires you to verify your identity with something you know (your credentials) and an item in your possession (your device). As a result, MFA effectively prevents unauthorized access, even if your password has been compromised.

The CSU has selected Duo (duo.com) as the multi-factor authentication provider.  The multi-factor authentication project will initially roll out Duo for Google Workspace to faculty, staff, and students. Other campus applications will be added to the deployment list to ensure SDSU information and your digital identity is protected.

Goals / Deliverables

Goals

  • Provide a highly available, scalable, user friendly, integrated multi factor authentication solution for the University.
  • Enhance SDSU security and privacy posture across the enterprise.

Deliverables

  • Enable MFA to all SDSU SSO integrated Apps.
  • MFA website to provide self-support
  • Identify networks or applications that will require more work to make them "MFA ready"

Timeline

2020 2021

January

  • Duo MFA Project Initiated.

January

  • Initiated Duo MFA communication campaigns and workshops (through March).
  • Enabled Duo MFA for CHR.
  • Deployed Duo MFA Dashboard.

April

  • Developed communication plan with StratComm.
  • Reviewed application policies.

February

  • Enabled Duo MFA for UPD.

 

May

  • Sent communication to ITD about Duo MFA.

March

  • Enabled Duo MFA for all faculty, staff, and students.

July

  • Enabled Duo MFA for ITD.

April

  • Enabled Duo MFA on MS Exchange.
  • Communication sent to alumni, retirees, and emeriti regarding Duo MFA enforcement.
  • Enabled Duo MFA for Omni CMS.

August

  • Enabled Duo MFA for Foundation.

May

  • Enabled Duo MFA for alumni, retirees, and emeriti.
  • Review of application prioritization and integration.

September

  • Enabled Duo MFA for Campus IT, Procurement, KPBS, and Oracle E-Business users.

June

  • Enabled Duo MFA for Microsoft Azure SSO applications for ITD on June 21.
  • Strategizing to enable Duo MFA on all Microsoft Azure SSO Application campus-wide in Fall 2021.
  • Enabled Duo MFA for Medicat Patient Portal System.
  • Enabled Duo MFA for a smaller subset of users for Repro Store, SDSU Card, and Ellucian CRM Advance.

November

  • Enabled for the Academy.

July

  • ITSO discussed with IT leadership and other stakeholders, including IT Governance Council, plans to enable Duo MFA for all SSO applications.
  • Prepared Communications Plan to enable Duo MFA for campus applications and services.
  • Coordinated with StratComm on deployment of the Duo MFA Communications Plan in August.

December

  • Enabled for COS (Dean's Ofc) and CHHS (Deans' Ofc).

August

  • Enabled for PeopleSoft.
  • Communication reminders sent via State Up to Date (faculty and staff), direct email messages (faculty, staff, and students), and through social media.
  • Enabled for all SSO apps, including Canvas, Zoom, and 0365. List of Duo-supported services is provided here.

 

RACI

Task/Deliverable Ricardo Fitipaldi, Interim CISO StratComm ITSO ITUS Library HUB IT Leadership Jerry Sheehan, VP for IT / CIO
Project Management A   R     C I
Faculty and Staff Support C   C R   C I
Student Support C   C C R C I
Communication Strategy C R C     C I
Workshops A   R     C I
Duo Enabled on Google Workspace A     R   I I

RACI Key

  • Responsible: People or stakeholders who do the work.
  • Accountable: Person or stakeholder who is the "owner" of the work.
  • Consulted: People or stakeholders who need to give input before the work can be done and signed-off on.
  • Informed: People or stakeholders who need to be kept "in the picture."

Updates

Loading Feed