Delayed from its original March 16 implementation, multi-factor authentication (MFA) for more WSU applications including Office 365, Blackboard, Adobe, Cougar Card, and more, is now rescheduled for the evening of August 4.
Why MFA? Why Now?
With more than 80% of all data breaches being due to compromised individual login credentials, MFA is the reigning security standard across many industries including higher education, healthcare, defense, and finance.
Universities such as WSU are a prime target for cyber criminals due to the collaborative access provided between user accounts. A single university account holder might have direct access to sensitive information across multiple academic and business departments including research, payroll, student data, and more.
As if security concerns were not substantial enough with the usual bad characters, the introduction of CoVid-19 brought even more determined malicious actors. These criminals are looking to capitalize on weakly guarded personal and organizational data, hoping to benefit from individuals working remotely without institutional network security. However, WSU’s Information Security team is ready with implementation of MFA across more than 90 additional university applications. The full list of applications can be found on the ITS website at its.wsu.edu/mfa.
How Does This Affect Me?
Office 365, Blackboard and Zoom*
Not all applications requiring MFA are used university wide. Users can visit the ITS website’s application list, and can talk with their local technical support staff to determine which applications will be affected in their areas. Three broadly used services that need multi-factor authentication prior to being accessed include Office 365, Blackboard and Zoom.
- More than 44,000 active WSU Office 365 accounts send and receive more than two million emails each day, and regularly share thousands of files across academic and business conversations.
- To keep our classes running, our 30,000+ Blackboard users start over a million class sessions every month.
- Experiencing a dramatic increase during WSU’s shift to remote business and academic function in March, WSU also now has 31,000 registered Zoom users putting in millions of meeting minutes each month.
These university-wide cooperative platforms require the enhanced identity protection provided by MFA today.
*For most applications, MFA is a step inserted at authentication. Office 365 email may require additional steps.
What about Office365 Email?
For most Office 365 users, nothing is required to prepare for this implementation. However, individuals who are not using a current version of Outlook may require some changes to their email accounts in order to be MFA-ready.
The only email applications that will be supported by ITS for Okta and multi factor authentication with Office 365 include:
- Windows: Outlook 2019/2016
- Mac: Outlook 2019/2016 for Mac
- Mobile Device: Outlook App for iOS and Android
- Web browsers: Outlook on the Web (Office 365.wsu.edu) using an up-to-date web browser
If users are not sure whether to take any steps to prepare for Office365’s MFA implementation, local department technical support staff can assist with those questions.
Office 365 Maintenance Changes
On May 11, ITS will perform authentication maintenance in Office 365 to prepare for these changes. At that time, you may see the following impacts:
- If you have cached credentials (your WSU Network ID and password are entered automatically for you), it may be necessary to remove those credentials.
- You may need to re-enter your credentials on your mobile device
- You may need to re-configure your mobile device profile
- There may be a difference in the login prompt for your email client as shown below.
Example log in prompt prior to May 11:
Note: your prompt may look different than this depending on OS and platform.
Example login prompt after May 11:
Example login prompt after August 4:
Consider Your Options
Since adding MFA to myWSU in December 2019, nearly 100% of the approximately 50,000 active users have set up and are using MFA, with the majority preferring text messages (SMS).
While texts can be convenient, there can also be delays during heavy cellular data demand-times, so Information Technology Services’ top recommendation is an authentication app such as Okta Verify or Google Authenticator. Both can be found in app stores. If users prefer not to use an application, a FIDO USB security key is the second-best choice.
Visit the ITS website for more information regarding MFA.
For technical assistance, please contact the Crimson Service Desk