“Turn on two-factor authentication, whenever possible.” That’s the advice given in a recent NY Times article for anyone who takes seriously the urgency of needing to protect their personal data. And Fordham University takes data protection very seriously. Multi-factor authentication (MFA), also called two-factor authentication, will be implemented at Fordham in 2017.
We have contracted Duo, which also provides MFA service to Columbia University, NYU, Harvard, MIT, and many other institutions. Once the service launches, when logging into My.Fordham or other Fordham system, you will be required to take an additional simple step, which is to validate yourself via an application on your phone. You can also opt to have a text sent to you or to receive a phone call.
Why We Need Multi-Factor Authentication at Fordham
Data security continues to be an increasing concern in the private and public sectors. The most recent security breach at Yahoo! is just one more in a long line that has included Sony, Apple, the University of Maryland, and the North Dakota University system. Hackers target higher education institutions for their intellectual property, personally identifiable information, and financial information.
Helen Nissbaum, in her book Privacy in Context (Stanford UP 2010), writes that “what people care most about is not simply restricting the flow of information but ensuring that it flows appropriately.” At Fordham, we care about ensuring that our data is managed appropriately, according to industry standards. That’s why we’ve introduced data classification guidelines and other measures, including MFA.
You probably already use some form of MFA at your bank and credit card company’s online sites. The Social Security Administration has also implemented voluntary MFA. In addition to the schools mentioned above, Boston College, Georgetown, and Loyola University – Maryland have also instituted MFA and have contracted Duo for these services.
Multi-factor authentication has received its share of academic and scholarly attention, in part because the information in the context of higher education follows different norms than information that flows in and out of doctor’s offices and credit card company servers. MIT, the University of Texas, and the University of Utah recently finished a project devoted to considering MFA in higher education contexts called “Multifactor Authentication in Higher Education–MFA Cohortium and Pilots.” The cohortium focused on “promoting the adoption of multi-factor authentication across higher education institutions.”
Although multi-factor authentication will require you to take an extra step every time you log in to My.Fordham or other Fordham system, it is an important layer of additional protection for University data. Multi-factor authentication cannot be dismissed as optional. Just like washing your hands before preparing food, MFA is basic hygiene in the everyday cyber world.
Read more about MFA at Fordham on Fordham News.