On Oct. 24, the University of Indianapolis Information Technology Department (UIndy IT) began enabling a new multi-factor authentication for UIndy login pages called Duo. This new login feature requires students to download the Duo Mobile app to log in to their UIndy account. Whenever students and faculty try to login to Brightspace, the app asks to either “send a push” to the app (which allows students and faculty to accept or deny the login request with the push of a button), call their phone to request approval for the login request or asks students and faculty to enter in a passcode on the app to log in.
According to University of Indianapolis Interim Chief Technology Officer Matt Wilson, this new login system makes it almost impossible for hackers to log into a UIndy account.
“Multi-factor authentication is a way to secure an account… it can use something you know, which is your password and something you have, which is your phone [to provide security],” Wilson said. “Someone would have to know your password and have your phone to break into your account, and in today’s world, that is highly unlikely.”
Apps like Duo are now needed in today’s technological world due to hackers and phishers becoming more sophisticated in the ways that they steal data, according to Vice President and General Counsel for the University of Indianapolis Andrea Newsom.
“It seems you can’t really pick up a newspaper or look at a news website anymore without seeing a headline that talks about some kind of unauthorized intrusion [into online accounts]… where real damage has been done to a computer network,” Newsom said.
Not only will Duo help protect accounts from hackers and phishers, but enabling this authorization system helps UIndy abide by new federal regulations, according to both Wilson and Newsom.
“The Gramm-Leach-Bliley Act, the GLBA, is a federal regulation that requires financial institutions and higher education institutions to comply with a set of safeguards [for personal information],” Wilson said. “One of those safeguards is multifactor authentication on all systems… For the most part, we see [that] all of these phishing attacks are coming from places like Russia and China and Iran, so getting access to your physical phone would be next to impossible….”Wilson said if students are experiencing any problems with logging in with Duo to send an email to firstname.lastname@example.org or to visit the UIndyIT Help Desk website.