Recognized advantages provided in today’s digital world also can present serious risks. Individuals in high-sensitivity areas, such as financial, data research or legal, may be particularly aware, but no one is immune, since personal information is equally vulnerable to phishing and other cyber-related criminal activity.
As the Department of Information Technology Services (ITS) continues to strengthen University infrastructure, another relatively easy, but powerfully effective, layer of security is being offered to faculty and staff in the form of two-factor authentication (2FA) technology. It works like this: in addition to entering the typical username/password combination (e.g. NinerNET credentials), a person is then asked to further verify his/her identity by performing one last task, such as approving a request sent to a smartphone app or entering a mobile passcode.
Duo, a company well-versed in 2FA in the higher education sector, was selected to provide this technology for UNC Charlotte.
A simple approach
Greg Verret, assistant controller of compliance in the Department of Financial Services, recently chose to connect Duo with his University accounts. He’s been using it with his personal email account and appreciates its simplicity.
“Since I almost always have my phone with me at work, I’ve found that the Duo system is fairly convenient to use,” said Verret. He added it’s “especially important for employees who work in financial services, since many of us have access to sensitive data.”
“Duo integrates well with most widely used applications and works across mobile platforms,” said Mike Carlin, vice chancellor for the Department of Information Technology Services (ITS) and chief information officer. “Over the last two years, industry experts have concluded that [2FA] is a relatively simple approach that can dramatically decrease the risks associated with compromised accounts.”
More than nine months ago, all employees in the Department of Information Technology Services were required to begin using Duo for pilot testing and documentation.
“We made sure the technology was used exhaustively to address potential issues or questions prior to offering it campus-wide,” said Carlin.
Duo is currently used by several institutions, Boston University and Virginia Tech are two. According to Rowanne Joyner, chief information security officer in the Department of Information Technology Services, “several other UNC system universities are using Duo, including UNC Greensboro, UNC Chapel Hill and N.C. State.”
Want to request Duo?
Faculty and staff can request Duo by completing this brief request form. Several Duo FAQs are available with further details, and the IT Service Desk can help at 704-687-5500 or email help@uncc.edu.
According to Carlin, the Information Security and Compliance Office is working with campus information security liaisons to identify departments working with highly sensitive level 2 or 3 data. “In the coming weeks, we will be reaching out these departments to begin setting up Duo, as well as offering briefings and trainings to ensure all is working well.”