You are here:

All U employees moving to Duo for 2FA on 2/28/18

RSA users who do not ePrescribe may start using Duo sooner

By Jesse Drake

Jim Livingston, CTO

Jim Livingston, CTO

In December 2016, the university started to require that employees use two-factor authentication (2FA) when accessing certain online applications and IT systems. 2FA provides an extra layer of security by requiring a user to log in with a username/password combo plus a second method of verifying the user's identity (e.g., cell phone or tablet).

Initially, the university launched two different 2FA solutions – Duo Security for campus employees, and RSA SecureID for hospital and health science organization employees, offshore vendors, providers authorized for ePrescribing controlled substances, and clinical server administrators. But on Wednesday, February 28, 2018, Duo will be the single method of 2FA for all university employees, including student employees. 2FA is highly encouraged but optional for university affiliates and students who are not employees. No action is required for campus employees already enrolled with Duo.

A unified platform is easier to maintain and makes good fiscal sense, said Chief Technology Officer Jim Livingston.

"Duo Security has a proven track record at the university," Livingston said. "Not only does this transition take advantage of our existing site license, Duo also satisfies all of our 2FA needs of the campus and hospital."

On 2/28, ePrescribe and CAS Web will be switched to Duo, with the end of February targeted for all system integrations. The exception to this will be the conversion for offshore vendors, whose transition date is to be determined.

RSA users affected by the change have been notified of the timeline below, and a notice published in Hardwired, the Information Technology Services (ITS) newsletter.

RSA to Duo timeline (links open in Pulse)

A note about hard tokens (physical devices that generate 2FA codes): Because the university is unable to repurpose RSA tokens, and they will no longer be valid for U systems, users may discard them. While Duo offers a hardware token, the mobile app is the preferred authentication method, as it provides greater security and is less vulnerable to loss or misplacement.

Last Updated: 3/27/19