We have Azure/AD MFA enabled for all adults and all students. It wasn't that difficult to get enabled once we started. I wanted to emphasize the new
NIST findings that James mentioned about less frequent password changes to emphasize better practices. This is a
HARD thing to get folks on board with...
------------------------------
Nicholas Marchese
Director of Academic Technology
Emma Willard School
------------------------------
Original Message:
Sent: 08-06-2021 08:29 AM
From: James Manikas
Subject: Multifactor authentication
We have implemented MFA with all faculty and staff for all of our systems. This includes LMS and email. It is required across the board. The password security recommendations I have been reading lately are moving away from complex passwords requirements and frequent changes. The thinking is that people will use the same password over and over, with just minor changes to meet requirements. It is also just too easy to get some people to reveal their login credentials through social engineering or Phishing attacks. MFA is just a better security layer.
However, are currently have no plans to require MFA for students or parents.
Jim M.
------------------------------
James Manikas
Director of Technology
Webb School of Knoxville
Original Message:
Sent: 08-05-2021 09:26 AM
From: Ashley Cross
Subject: Multifactor authentication
What are your plans for multi-factor authentication as you go into the new school year? Have you seen any changes in the requirements of your cyber insurance requiring MFA to be in place for all faculty?
#ITSystemsandSupport
#Leadership
#CybersafetyandDataSecurity
------------------------------
Dr. Ashley Cross
Director of Membership +
Access Points Community Manager
www.theatlis.org
888-502-8547
------------------------------