NetID Two-Factor Authentication (Duo)

Project Purpose

The Duo NetID Two-Factor Authentication project works toward the fulfillment of Texas A&M System (TAMUS) Regulation 29.01.03, rev 2/5/2018, by identifying systems and services that contain confidential information under the TAMUS Data Classification Standard that require multi-factor authentication (MFA). Developing a program for MFA deployment, a plan to onboard identified systems and services, and a communication and education strategy to enable adoption.

Campus Duo Requirement Deadlines

  • Feb. 18, 2019 U1, U2, U3, U4
  • Mar. 18, 2019 Graduate Students
  • Apr. 15, 2019 All Faculty and Staff

Goals

It is the goal of this program to reduce risk to TAMU by requiring multi-authentication methods when accessing systems or data that hold confidential, sensitive, or private information. Additionally, it is the goal of this project to protect accounts with elevated or privileged access from a compromise that may lead to a financial or reputational loss. As a result of this program, the sharing of account credentials will decrease significantly.

Milestone 1

Mitigate Risk from Ongoing Requests (i.e., publishing TAMU applications and sites externally, applications and sites that need authentication and/or hold confidential information, etc.) - Completed

Create and approve new procedure.
Change information on IT site.
Communicate procedure change.

Milestone 2

Duo-Enable Division of IT - Completed

Identify IT systems that need Duo.
Identify admin access that needs Duo.
Determine technical requirements.
Identify residual risk and document remediation.
Create and finalize an exception process.
Communicate to division employees.
Enable Duo on internally facing services.
Require use of Duo.

Milestone 3

Duo-Enable Division of IT Services to TAMU Employees – Work in Progress

Identify systems that are services to TAMU and need Duo.
Identify TAMU admin access that needs Duo.
Determine support Issues and mitigate gaps.
Determine technical requirements.
Identify residual risk and document remediation.
Create and finalize an exception process.
Targeted communication to affected employees.
Enable Duo on identified services and access.
Onboard TAMU employees to Duo – See Campus Onboarding.

Milestone 4

Duo-Enable TAMU - Campus wide – Work in Progress

Identify remaining campus services that cannot be enabled with Duo and create an exception.
Identify residual risk and document remediation for systems that cannot be Duo enabled or are partially protected.
Enable Duo on Identified services and access, file exceptions.
Changes to CAS, Gateway to streamline Duo enrollment
Onboard users to Duo – See Campus Onboarding.

Milestone 5

Campus Onboarding – Work in Progress

Ensure campus IT professionals are Duo enrolled. Set campus IT professionals' accounts to be Duo required.
Enroll new freshmen and transfers in New Student Conferences. Set incoming student accounts to Duo required.
Enroll faculty and staff. Set faculty and staff accounts to Duo required.
Enroll current students. Set all student accounts to Duo required.
Continue enrolling incoming students. Continue enrolling new employees.

Back to Top