American University ramped up efforts to keep University and student data safe on Feb. 15, expanding Duo multi-factor authentication to Canvas, library systems and the Washington College of Law, among other services.
This is the latest in a series of steps to increase cybersecurity in all of AU’s systems, University officials said. The February “event” focused on protecting student-facing systems, and on April 18, the Office of Information Technology will implement Duo to protect staff-focused systems, according to Steve Munson, vice president and chief information officer.
In the future, Duo multi-factor authentication will expand to Eagle Service and MyAU portal. These systems will be protected for staff starting April 18 and for students in fall 2023.
“With the time of year, we didn’t want to put those systems on multi-factor authentication while you’re on spring break,” Munson told The Eagle. “I know it gets a little bit more intense to finish out the semester, so we're gonna give that a little bit more time.”
The University believes multi-factor authentication is the best way to protect University and student data in a changing technology landscape but wants to “minimize disruption” as much as possible, Munson said.
“We’re very pleased with the levels of community preparedness,” Munson said. “OIT tracks how many people call in with tech issues related to a multi-factor authentication roll out and works to minimize those as much as possible,” Munson said.
For students, multi-factor authentication often seems like a hassle, according to Dan Sirota, a junior in the School of Communication, but University communication helps.
“[My friends have] been complaining about it because they’re like, ‘who cares if someone gets into my Canvas assignment,’” Sirota said. “But at the same time it affects a lot more than that.”
Multi-factor authentication drastically reduces the risk of student and University data breaches and works better for the University than a firewall, because University systems are much less controlled, Munson said.
“One of the big differences with being at higher-ed versus a company or corporate entity is that we have a community,” Munson said. “It’s not just a bunch of employees, and so sometimes there are differences like this where it becomes even more important for the community to be taking these extra steps individually.”
For students who are studying abroad, multi-factor authentication poses extra complications due to changes in phone numbers and potential site blocks. Munson’s team recommends in a guide for students traveling abroad that they ensure their AU password will remain valid while they’re traveling and enroll a device in Duo MFA before leaving.
Downloading the Duo Mobile app also helps ensure students won’t just have to rely on text messaging, giving them more options. Sirota finds his Apple Watch helps with potential inconveniences Duo poses.
“I can totally understand for the people who are complaining about having to take out their phone and open the app and all that stuff,” Sirota said. “For me, because I have the watch and the version compatible with it, it’s not terribly inconvenient.”
If community members get locked out of any of their AU accounts they can call or email OIT, who will help, Munson said.
“If you’re locked out of your account, we really want to give you the support as fast as we can.”
This article was edited by Jordan Young and Nina Heller. Copy editing done by Isabelle Kravis, Leta Lattin, Luna Jinks, Sarah Clayton and Stella Guzik.
