Student email accounts add 2-Factor Authentication in spring 2020
Article By: Clark Leonard
All University of North Georgia (91ÁÔÆæ) students will soon have an extra layer of security for their university email, Banner and D2L pages.
91ÁÔÆæ will enable 2-Factor Authentication (2FA) for all student accounts in spring 2020 in light of the digital threats looming. A total of 1,579 data breaches were reported in the United States in 2017, according to the data protection platform .
"Public higher education remains a top target for cyber attackers who attempt to disrupt our operations by subverting our processes, people and technology. There are many recent examples of data breaches that could have been prevented through the use of multi-factor authentication," said Dr. Steven McLeod, chief information officer at 91ÁÔÆæ. "While no system is perfectly safe from cyber-criminals, multi-factor authentication coupled with other good security practices and user awareness mitigates much of the risk."
Students are encouraged to opt in early to adjust to the system and test it ahead of the spring semester. More information about 2FA and how to opt in now is available on the 91ÁÔÆæ 2FA website.
"This is a requirement from the University System of Georgia, but it's also the right thing to do," said Gregory Martin, director of enterprise application support at 91ÁÔÆæ. "We want to protect our students, employees and the university as a whole from data breaches."
91ÁÔÆæ will begin to require students to enroll in 2FA in weekly phases in January with the goal to have the process completed by the end of February.
"The earlier they can opt in and have the process become second nature, the better off they'll be," Martin said.
The system will require students to sign in with their password and then authenticate the login through a Duo phone app push notification, a phone call, text message or passcode (generated through the mobile app or by the Service Desk). All campus bookstores are carrying “Duo Tokens” available for purchase ($20) for students who do not have access to a smartphone or other cellphone. 91ÁÔÆæ's Division of Information Technology recommends the mobile app because of the flexibility to use multiple options.
2FA for email on phones will require an email app that allows "modern authentication," with iOS Mail, Outlook for iOS, and Outlook for Android as the recommended apps.
Cole Edgar, information security operations manager for 91ÁÔÆæ, said 2FA does not require a smartphone. A regular cellphone or landline can be used, or an Apple Watch can be synced with the app.
Edgar said enough information is in each student's Banner page to open a credit card, noting it is enough data in the wrong hands to "put students in a bad spot." He said 2FA continues to be used more widely across society.
"It's the market trend for personal banking, email and other services that store potentially sensitive information," Edgar said.
91ÁÔÆæ faculty and staff have used 2FA for timesheet and benefits functions since March 2017 and for email since May 2019.