MSU to rollout two-factor authentication in the spring of 2015

Cyber attacks on computer systems and networks to obtain personal information and other confidential data take place on a daily basis.

To maintain the integrity and security of our institution’s data, Michigan State University is taking steps to increase the level of protection in systems amassing sensitive and personal information by implementing two-factor authentication in spring 2015.

“Two-factor authentication solutions improve security and reduce the risk of compromise inherent in single-factor authentication solutions such as static passwords,” says MSU Chief Information Security Officer Rob McCurdy.

Types of authentication

Passwords alone no longer provide a sufficient degree of safety. While easy to use, passwords are vulnerable to a variety of assaults including guessing, impersonation, observing, borrowing, snooping, and phishing.

Stronger authentication methods are needed to reduce the risk of a compromise, especially with high value systems such as those that process or store sensitive and restricted information.

When using two-factor authentication, an individual pairs something they have (e.g., a token) with something they know (e.g., a password).

It’s similar to how an ATM card works. Individuals are able to withdraw money from an account because of something the person has (e.g., a bank card) and something they know (e.g., a PIN).

twofactor4

If one of these two items is lost, stolen, or otherwise compromised, a wrongdoer is unable to withdraw money since they are unlikely to possess both factors.

Two-factor authentication is a much stronger method over a user name and password alone. It also provides added protection for both individuals and the MSU community.

Two-factor authentication timeline

MSU will implement two-factor authentication for a majority of the systems containing sensitive or restricted information.

MSU’s Enterprise Business Systems (EBS) will be the first system for which two-factor authentication will be applied during March-April 2015. More details will be coming to the MSU community over the next few months.

The decision to start with these systems was made due to the amount of sensitive information they hold and to help protect MSU employees in light of recent theft attempts against the payroll of several individuals.

Once two-factor authentication is implemented for EBS, it will be expanded to additional MSU applications.

“As the world is increasingly interconnected, everyone shares the responsibility of securing that space,” says Joanna Young, MSU vice president of information technology and chief information officer. “We are implementing two-factor authentication to do our part to help protect MSU employees.”