Do you ever forget a password … or have you had your personal data breached? While these issues are complex on a personal level, their impacts are magnified for a large organization. A Microsoft study states that users who enable multi-factor authentication (MFA) for their accounts will end up blocking 99.9% of automated attacks.
Imagine yourself in a leadership role at a college, with thousands of employees and students who do not have the MFA option. Such was the case for Grand View University. In a recent PortalGuard webinar co-hosted by Eric Link, Systems Administrator for Grand View, the adoption of PortalGuard’s identity management solutions, including MFA and SSPR, and their positive impact on the University is examined.
From the security darkness …
Nearly five years ago, Grand View University was in the security dark ages.They did not have requirements in place for password expiration or complexity. The majority of the staff had been using the same password for nearly a decade -- and some for even longer. Password resets and changes simply did not exist at this time for Grand View users. The only time a password change occurred was when a user knew about the archaic method of pressing “Ctrl + Alt + Delete” and clicking “Change Password.”
Not only were Grand View University’s users more likely to forget their passwords for their many applications (including SharePoint 2013, Exchange, Blackboard, Ellucian), but they were also at greater risk of having their personal information breached. Since their logins were not standardized for their many apps and multiple login pages, they had many username discrepancies.
Grand View University emerges into the light
Everything changed for Grand View University after purchasing PortalGuard. In the first eight months of purchasing PortalGuard, they added functionality to improve their password practices and implemented multi-factor authentication (MFA) and self-service password reset (SSPR) campus-wide.
Rather than entering the password for a particular app, Grand View users needed to provide a one-time passcode (OTP) from one of their authentication methods (Email, SMS, Mobile Authenticator, YubiKey) to access all of their applications.
Prior to implementing SSPR, Grand View’s help desk received 40+ daily calls for password resets and assistance. With PortalGuard, they were able to reduce their daily calls to fewer than 10. Today’s users can provide the help desk with their OTP to assist with a password reset.
After Grand View standardized their logins, they were able to start implementing Single-Sign-On (SSO) for their users. Fortunately for Grand View, this task was nimble to accomplish. Implementing SSO for their Blackboard and SharePoint applications, for example, took only a few minutes, because these applications were among the nearly 60 application templates included in PortalGuard. For applications which did not have built-in templates, PortalGuard assisted GrandView with configuration of the application via GoToMeeting.
Want to hear more about Grand View University’s journey from the security dark ages into the light with PortalGuard's MFA & SSPR solutions?