A Higher Standard of Identity Management for Higher Education, PortalGuard provides a single launch point for end-users to access their daily web applications. The focus of this blog is how PortalGuard’s Multi-Factor Vendor Integration caters to the changing cybersecurity landscape in Higher Education.
Think of PortalGuard’s Multi-Factor Vendor Integration as a traffic cop. A user’s login experience is as followed:
For a stronger authentication that’s where PortalGuard can provide an extra layer of security by leveraging our integrations with different vendors. (For a detailed list of vendors we integrate with, check out our recent Press Release here.) These features help administrators create a seamless login experience while maintaining security compliance.
Why it is important to have options available to end-users and Administrators
Multifactor is becoming the norm on campuses across the United States because of the increasing numbers of phishing attacks. Administrators run into a common problem of users accepting and adopting 2FA. PortalGuard gives the administrators the flexibility of becoming the traffic cop at an intersection. For example, a user going to Blackboard authenticates with just a username and password. However, if that same user were to access a financial application it will prompt for 2FA. This is called app specific Two-factor Authentication. All of which is fully configurable on the back end for administrators. Administrators get to decide what apps are required for 2FA and which apps only need a single factor. Thus, creating a user-friendly login experience. With the Financial app locked down with 2FA, an administrator can set security policies. Student users may have the convenience of receiving an SMS OTP or receiving an alternate email. While the staff is required to enroll a mobile authenticator. In my experience, staff and faculty rebel in using any 2FA that involves using a personal device and I don’t blame them. Some student users fall into that category as well but mainly staff and faculty make up most of these cases. That shouldn’t stop your campus from being secure online no matter the situation.
Overcoming Objections for Students, Staff, and Faculty
The cost to have MFA implemented on campus can vary, due to the size of a campus, budget restraints, and environments. PortalGuard took these into account when adding the latest support for MFA. It all comes down to options and vendor integration and consolidation. Which brings me back to the Administrator/traffic cop navigating the best approach for user adoption of MFA. For the IT department to be the epicenter of the campus digital environment, an administrator can choose to implement RSA SecurID or Yubikey. For those staff and faculty giving IT a hard time about using personal devices, a Yubikey provided at the expense of university may be the answer. It's up to the administrators to decide. Key take away? PortalGuard’s Multi-Factor is adaptable in any environment.
Getting users to use Multifactor Authentication
In the middle of National Cybersecurity Awareness Month, EDUCAUSE held a webinar about 2FA. During that webinar the adoption rate for the Utah Valley University was discussed and campaigns for getting users aware of the new security policies that require applications to be locked down with Multifactor. PortalGuard has deployment kits to help administrators spread awareness and directions to enrolling 2FA on campuses through email templates and announcement postings. Announcements are critical to spreading information across campus quickly and efficiently. Built into PortalGuard, administrators can direct specific announcements to specific groups, OU’s or to individual users. This can be tied into which 2FA method is deployed as previously mentioned above. Another functionality that is unique to PortalGuard is giving users the options to Opt-In to 2FA. Allowing the end-user to choose how they would like to prove their identity with options made available by the administrators. When it comes time to users to adopt before a specific deadline, PortalGuard can force end-user enrollment to meet the mandated 2FA requirements.
Want to learn more? Contact us today!