Greetings colleagues,
I want to inform you of a change to the way we login to campus services. Our liability insurance carrier notified HVCC of a requirement to implement Multi-factor Authentication (MFA) for employee email to renew our cyber-breach insurance policy. Beginning on Oct. 28 at noon, HVCC will require Multi-factor Authentication (MFA) to access MS Office 365 services, including email. We were already preparing to enact this change, among others, in January during intersession, but the timeline has now been accelerated. This only applies to employees. Students are not included at this time.
What is Multi-factor Authentication?
MFA is a login method that requires more than just one factor, such as a code sent to a cellphone, to verify your identity. You’ve likely used this technology when signing into your bank or other sensitive sites. MFA will prevent an attacker from gaining access to your account if your password becomes compromised. They won’t be able to log in unless they also have your mobile device. A second factor might include a text message or a phone call to a trusted phone number or a notification in an authenticator app.
Do I need to wait?
No, and to ensure a smooth transition, we encourage everyone to configure MFA before the Oct. 28 deadline. MFA is already turned on as optional, and you can configure it now to get it out of the way.
Simply visit https://aka.ms/MFASetup from a computer to set it up, and make sure you have your mobile device handy.
When is this happening?
We have enabled MFA right now as optional, and we are encouraging everybody to configure it now. In about two weeks on Oct. 28 at noon, we will configure our login service to require MFA. Any employee who has not already completed the registration process by that time will be asked to do so upon their next login.
What services will be impacted?
This is the first phase of the MFA initiative and it will impact all Microsoft Office 365 applications which require online access, such as Outlook, MS Teams, and OneDrive. You may also be asked for MFA if you use an online component of an offline app (such as saving a document to OneDrive from MS Excel). The web versions of Office365, including email, are included.
The second phase of this project will occur during intersession as planned when we will incorporate the MFA protections into more HVCC services. I will communicate more about those changes as the date nears.
What verification options will be available?
You will be able to choose from a variety of verification options. The easiest to use is the MS Authenticator app, but we recommend configuring as many options as possible to give you the greatest flexibility when logging into our services. Options will include SMS/Text, phone call (to a cell, landline or desk phone) and push notifications to your smartphone. Configuring multiple options will ensure that you do not become locked out if you cannot access your primary authentication device/number.
What training resources are available?
The process for using MFA is easy. Microsoft has prepared a quick tutorial on configuring and using MFA using the MS authenticator app, which we recommend for its ease of use. We have also compiled some documentation resources to assist.
If you would like additional help in configuring or using MFA, please give the helpdesk a call at (518) 629-7364, and we will schedule a training session with you.
We recognize this timing is less than ideal and if given a choice we would never implement a change like this in the middle of a term. I appreciate your patience and cooperation. Please don’t hesitate to reach out with any questions.
Best regards,
Jon
Jonathan R. Brennan
Chief Information Officer
Published: Tue, 19 Oct 2021 12:00:26 +0000 by j.brennan