Higher education overall has seen an increase in cyberattacks due to the collection and retention of sensitive, personally identifiable data including social security numbers and financial aid data. Cyberattacks against universities were up 100 percent in 2020 compared to 2019, and the average ransom demand was $447,000. While there is no single tactic to prevent all cyberattacks, Daemen College has taken several proactive steps including the use of multi-factor authentication (MFA).
Also known as two-step verification, MFA is an additional layer of security in the login process. It combines something you “need to know,” such as your password, with something you “need to have,” such as your smartphone or computer, to confirm your identity. Using more than one method of authentication verifies your identity and keeps it safe from phishing and other cybersecurity attacks. If a user faces a real, rather than simulated, cyberattack, increasing the frequency of MFA helps protect the sensitive data that the college maintains.
Here are some common ways MFA is used every day:
- When using an ATM, you need your bank card and your PIN
- When paying for gas with a credit card, you need to enter your zip code
- When logging into your bank account online you may be prompted to enter a security code sent via text message
In the 2018-2019 school year, all Daemen employees, students, and alumni were enrolled in MFA, and it has provided an immense level of protection to their online information, as well as Daemen’s. Since 2019, all new user accounts have been auto-enrolled in MFA.
How to set up MFA
Listed below are some of the factors you can set up for MFA:
- OneLogin Protect App
- 3 Security Questions
- YubiKey (USB Hardware Token)
- Google Authenticator App
Do I have to use a smartphone to enroll in MFA? No, you do not need a smartphone. Instead of using the OneLogin Protect App or Google Authenticator app, you can set up security questions or use a YubiKey.
Do I have to do this every time I log in? It depends on what level of sensitive information you have access to and if you are logging into a new device. You will be prompted for your security factor whenever you are accessing Daemen’s online resources on a new device or computer. You will also be prompted every 14 days on the same device or computer. If you have access to extremely sensitive data you may be prompted more than once every 14 days.
Should I set up more than one factor? For your convenience, please consider setting up at least two authentication methods. This can be a phone and security questions, or an app and a hardware token, or whatever combination works best for you. This ensures that if your device is forgotten at home, you have a secondary method to authenticate with.
How does this impact my privacy? If you choose to use the OneLogin Protect mobile app, Daemen will not be able to see the personal information on your device. The only data collected is related to the use of the app (operating system, application version, IP address of authentication attempt, etc.).
How does this work with traveling abroad? If you enroll a smartphone or tablet with an app and have a cellular or WiFi connection, you can authenticate as you normally would. A hardware token does not require an internet connection, although the services you are trying to authenticate with (MyDaemen, Blackboard, etc.) do. If you are able to access these services with a cellular or WiFi connection, you will be able to authenticate.
Do I have to enroll? Enrollment for all Daemen employees, students, and alumni is required. It is automatically turned on for all accounts.