The UNE Multi Factor Authentication (MFA) project is being delivered as part of the Cyber Security Rapid Uplift Programme (RUP) to address the growing vulnerabilities that the continued use of passwords presents.

What is MFA

Multi Factor Authentication, as the name suggests, is based on the principle of having more than one way of verifying a person’s identity.  This follows the concepts below.

A combination of any two out of the three factors will service to improve the level of confidence that the person requesting access is who they say they are.  ‘Something you know’, is already embedded at UNE via username and password access.  The second factor selected by UNE is ‘Something you have’.  The default option will be via smartphones and alternatives can be provided based on need.

Next Steps
During October, trials of TWO applications selected based on risk to business and impact during initial implementation will be undertaken.  TDS is to be initial user group as technical SME’s to identify and iron-out any bugs.  The SLT is to follow as the next user group. 
During this period, Duo capabilities will be fully exercised including system connectivity failures, lost or failed tokens etc. prior to deployment across UNE.  This will ensure:

• Identified failures will have been corrected
• Exception processes documented in a knowledgebase
• Communications and training programs developed
• Operational and Support procedures developed
• Learnings fed back to Project Team for improved deployment across UNE

What does Success Look Like
The trial will identify a number of User Stories to determine if the project is successful.  These will measure, amongst other things:

• Reduction in risk to UNE through password compromise.
• Seamless and simplified access to applications and systems.
• Reduction in support overhead

Questions and comments can be sent to Stewart Hayes on shayes31@une.edu.au