MFA (Multi-Factor Authentication)

Due to the increased amount of cyber attacks in the K12 schools over the last years and numerous data breaches in neighboring school districts and systems that we utilize such as PowerSchool,  we continue to strive to be proactive in the cybersecurity space so we can protect our district and your data from misuse.  


We have always paid a great deal of attention to security and protection for every system. That being said, we are going to continue to evaluate and build upon our stance. The stakes are too important for all of us to not do all we can.


One of the first things we have to address and introduce is what is called Multifactor Authentication (or MFA) for our email systems for all staff.  MFA is a protection against someone stealing your district credentials and misusing them.  This is done by a second form of communication beyond just inserting your password.  An example of this that you may have encountered is putting in a verification code while logging into your online banking account.  


QuestionWhy are we doing this now?  

 

AnswerThere are several reasons for the timing:

 

  1. Verifying that you are who you say you are reduces the likelihood of you being compromised. This makes YOU safer.
  2. Insurance for the district is beginning to inquire and require MFA  with the potential consequences of not implementing it, being increased costs or lack of coverage.
  3. Microsoft (and Google) are also increasing their expectations and requirements all the time. We will eventually be forced to head down this path, by getting ahead of this, we can control the process better.
  4. We want to protect multiple systems beyond email and Google to go further to protect everyone’s information / finances and this is a first-step to doing so.
  5. This is a recommendation for almost everyone in the industry, both private and public..  This includes the State of South Carolina, The South Carolina Department of Education and the South Carolina Law Enforcement Division (SLED) who works with all SC public entities in the wake of a cybersecurity incident .  Beyond that, many districts in the state and surrounding Anderson School District 5 have already implemented similar programs.


Options for MFA

 

  1. If you’re already using an MFA platform (such as Cisco Duo) for VPN and/or email then you don’t need to do anything else.
  2. The recommended way to set up MFA is through the Microsoft Authentication App on your mobile device. You already have the ability to do this and we are providing instructions on how to enroll.
  3. We are also allowing SMS text messages to receive a code.  We do want to note that this method may not be available over a long period of time as Microsoft and Google are phasing out SMS since phones (vSIM)  messages have become more susceptible to hacking.
  4. Other authentication apps.  There are multiple apps available (Google Authenticator for example) for MFA,  We can provide generic instructions for adding these types of authentication upon request.
  5. We’re always exploring options and looking for ways to authenticate and we’ll share and introduce those as they become available.  If you have any questions about methods of authentication.  Feel free to put in a ticket or reach out.

 

Other FAQS:

How often will I have to authenticate?

Typically once per day per device.

Does using MFA Authentication Apps allow Microsoft or District Five the ability to access or track my phone.

No, it does not.

Does using MFA Authentication Apps make my phone susceptible to an Open Records Request?

No, it does not.

 

Does using MFA Authentication force me to use my personal phone?

There may be options that can be discussed.  In most cases it will be an inconvenient option.Please reach out to us via the helpdesk and we can discuss.