Based on feedback from faculty and staff regarding Multi Factor Authentication (MFA), ITS is rescheduling MFA to be turned on Monday morning, April 8th, at 9am. When you attempt to access email or O365 from outside the Eastern campus network after that time (even with a smartphone), you will be prompted to register for MFA. (Please note: if you never use email or O365 from outside the campus network, you don't need to do anything).
Even though the cutover will not be until April 8th, faculty and staff are encouraged to begin registering now for MFA. By registering beforehand, you can register at your leisure and get assistance, if necessary, and be all set when April 8th rolls around. If you would like assistance, you can visit the Help Desk, or faculty may contact CIT to set up a visit to your office. IT staff are eager to help you with this transition.
The purpose of MFA is to protect the Eastern community from an increasing number of cyberattacks that have already caught several members of the community both in terms of ransomed files that have been encrypted and fake messages that resulted in stolen money. MFA is an inexpensive and very effective method for protecting everyone from unauthorized access and malicious attacks aimed at stealing passwords. It is being used by a large number of colleges and universities, and is recommended as the best way to manage the risk of IT use off campus. MFA is recommended as a best cybersecurity practice, and is being used throughout higher education.
In addition, NECHE requires Eastern to have in place "procedures ensuring ... the integrity and security of data," and FERPA requires that educational institutions implement "reasonable methods" to protect student records." MFA will help protect our students and improve Federal compliance while at the same time demonstrate to NECHE that we take these responsibilities seriously. Finally, MFA will also better protect the integrity and privacy of online faculty and staff records and information. The Information Technology Advisory Committee (ITAC) is convinced that the community’s needs will be accommodated with this plan.
For those interested in additional information, we recommend the following links:
Anyone who would like assistance can visit the Help Desk, or faculty may contact CIT to schedule a visit to your office.
The MFA process requires a onetime setup of your notification preference (app, text, or phone call). There are a variety of permutations possible for differing situations and circumstances, but for most users, we recommend option 4 below since it works on both cellular and wireless connections to the Internet. That is also the best option for those who travel, especially abroad. The other options work only with either a cellular connection or a land-line connection (unless you have an ip phone on the device you plan to use for O365 and email).
To configure your MFA profile, select one of the drop down options to register at https://aka.ms/mfasetup (see explanation of options below). Once MFA is activated for your account and a successful MFA authentication process occurs on your device, you will be prompted for MFA every 30 days on your off-campus device(s). There are five preference options, only three of which are relevant for Eastern users, highlighted in bold:
Option 1: “Call my authentication phone.” This option registers your phone number to receive a voice call to authenticate (smart phone, flip phone, ip phone, or land line). This option requires cellular or land line phone service (unless you’re using an ip phone which only requires Internet access). It will send a voice call to your number to authenticate you upon answering the phone and acknowledging that you wish to authenticate by pressing the # key to approve or no action (hang-up) to deny.
Any questions should be directed to the Help Desk at (860) 465-4346 or Helpdesk@easternct.edu.