“We had a few incidents that involved employees which got us thinking on what we could do to protect institutional data as well as protect the employees. Duo fit the bill perfectly.” - Matt Lorimer, USU
Security teams at higher ed institutions manage large, dispersed user populations, protecting people and data in many different circumstances, across campuses and often, multiple geographies. Since these populations may not have the best security hygiene -- having the right tools to help manage security is essential.
The Verizon 2016 DBIR criticizes weak or default credentials, and again they recommend two-factor authentication as one of the protective measures. Strong multi-factor authentication is a reliable control to mitigate security risks from compromised credentials.
In addition, shifts toward cloud use can mean that someone on your staff may be accessing your sensitive networks from a vulnerable 2005-era Windows machine at their mother-in-law’s house. And, BYOD has created countless security challenges. Or, your staff tries to find workarounds to any security protocols that they deem cumbersome to use.
How can you develop an effective authentication security strategy that also offers benefits on patch updates, end-user device management, and cloud security?
Matt Lorimer, Systems Administrator, Utah State University
I've been doing systems management and security for over 13 years at Utah State University. My primary focuses include penetration testing, systems security, linux administration, virtualization and storage management. I have also been helping plan and implement SAINTcon, a regional computer security conference for the last 5 years.