Multi-Factor Authentication

Multi-Factor Authentication

Multi-factor Authentication (MFA) enhances security by adding a layer of protection to the authentication process. 

Description

Multi-factor Authentication (MFA) requires you to verify your identity with something you know (your credentials) and an item in your possession (your device). As a result, MFA effectively prevents unauthorized access, even if your password has been compromised.

The CSU has selected Duo (duo.com) as the multi-factor authentication provider.  The multi-factor authentication project will initially roll out Duo for G suite to faculty, staff, and students. Other campus applications will be added to the deployment list to ensure SDSU information and your digital identity is protected.

Goals / Deliverables

Goals

  • Provide a highly available, scalable, user friendly, integrated multi factor authentication solution for the University.
  • Enhance SDSU security and privacy posture across the enterprise.

Deliverables

  • Enable MFA to all SDSU SSO integrated Apps.
  • MFA website to provide self-support
  • Identify networks or applications that will require more work to make them "MFA ready"

Timeline

2020 2021

January

  • Duo MFA Project Initiated.

January

  • Initiated Duo MFA communication campaigns and workshops (through March).
  • Enabled Duo MFA for CHR.
  • Deployed Duo MFA Dashboard.

April

  • Developed communication plan with StratComm.
  • Reviewed application policies.

February

  • Enabled Duo MFA for UPD.

 

May

  • Sent communication to ITD about Duo MFA.

March

  • Enabled Duo MFA for all faculty, staff, and students.

July

  • Enabled Duo MFA for ITD.

April

  • Enabled Duo MFA on MS Exchange.
  • Communication sent to alumni, retirees, and emeriti regarding Duo MFA enforcement.
  • Enabled Duo MFA for Omni CMS.

August

  • Enabled Duo MFA for Foundation.

May

  • Enabled Duo MFA for alumni, retirees, and emeriti.
  • Review of application prioritization and integration.

September

  • Enabled Duo MFA for Campus IT, Procurement, KPBS, and Oracle E-Business users.

June

  • Enabled Duo MFA for Microsoft Azure SSO applications for ITD on June 21.
  • Strategizing to enable Duo MFA on all Microsoft Azure SSO Application campus-wide in Fall 2021.
  • Enabled Duo MFA for Medicat Patient Portal System.
  • Enabled Duo MFA for a smaller subset of users for Repro Store, SDSU Card, and Ellucian CRM Advance.

November

  • Enabled for the Academy.

July

  • ITSO discussed with IT leadership and other stakeholders, including IT Governance Council, plans to enable Duo MFA for all SSO applications.
  • Prepared Communications Plan to enable Duo MFA for campus applications and services.
  • Coordinated with StratComm on deployment of the Duo MFA Communications Plan in August.

December

  • Enabled for COS (Dean's Ofc) and CHHS (Deans' Ofc).

August

  • Enabled for PeopleSoft.
  • Communication reminders sent via State Up to Date (faculty and staff), direct email messages (faculty, staff, and students), and through social media.
  • Enabled for all SSO apps, including Canvas, Zoom, and 0365. List of Duo-supported services is provided here.

 

RACI

Task/Deliverable Ricardo Fitipaldi, Interim CISO StratComm ITSO ITUS Library HUB IT Leadership Jerry Sheehan, VP for IT / CIO
Project Management A   R     C I
Faculty and Staff Support C   C R   C I
Student Support C   C C R C I
Communication Strategy C R C     C I
Workshops A   R     C I
Duo Enabled on G Suite A     R   I I

RACI Key

  • Responsible: People or stakeholders who do the work.
  • Accountable: Person or stakeholder who is the "owner" of the work.
  • Consulted: People or stakeholders who need to give input before the work can be done and signed-off on.
  • Informed: People or stakeholders who need to be kept "in the picture."

Updates

Loading Feed