The university is moving to stronger authentication methods for technology systems beginning with Enterprise Business Systems. Stronger authentication methods are needed to reduce the risk of a compromise.
To maintain the integrity and security of MSU’s data, and to protect individual information, steps must be taken to increase the level of protection for systems containing confidential and personal information by implementing two-factor authentication.
When using two-factor authentication, an individual pairs something they have, such as a token, with something they know, such as a password.
It is similar to how an ATM card works. Individuals are able to withdraw money from an account because of something the person has, such as a bank card, and something they know, such as a PIN number. If one of these items is lost, stolen or otherwise compromised, a wrongdoer is unable to withdraw money since they are unlikely to possess both factors.
This is a much stronger authentication method over a user name and password alone. It provides protection for both the individual and the MSU community.
The first systems for which this higher level of protection will be added are Enterprise Business Systems because of the amount of sensitive information they hold and to help protect MSU employees in light of theft attempts against employee payroll.
The move to this stronger level of authentication for EBS began in March 2015. Once implemented for EBS, two-factor will be added to additional applications.
A phased registration period is occurring now. Registration began with individuals closest to the applications and security, followed by those who are highly active in the systems and will continue with those that use EBS the least frequently. The rollout schedule is posted at the bottom of https://secureit.msu.edu/two-factor/.
All MSU employees including student employees are encouraged to register at least two credentials now. Instructions for registering credentials is posted at https://secureit.msu.edu/two-factor/register.html.
Assistance in registering, managing, and using credentials for two-factor authentication are available by calling the IT Service Desk at (517) 432-6200 or by visiting the MSU Computer Store – Help and Repair office in room 120 of the Computer Center.
Representatives are available to present the full plan for this implementation. If you would like someone to present with your department or college, please contact Katherine Ball at ktball@msu.edu or by phone at (517) 353-3295.
For more information, visit https://secureit.msu.edu/two-factor/.