New multi-factor authentication for Marshall accounts

Marshall students, faculty and staff may have noticed a recent email announcement from the IT Department concerning a new addition to their Office 365 accounts. This new “Multi-Factor Authentication” will add another layer of increased protection to the accounts and services of those using a Marshall University account and will be rolling out on March 31.

Once they have logged into their account, users will receive another step to complete the sign-in process to ensure that the correct person is accessing the account and to greatly decrease concerns of hacking and phishing attacks that have been a problem in the university’s recent past. Jon Cutler, the chief information security officer for the university, said he believes this advanced notice of the change in the system’s security will improve its impact on the students, staff and university as a whole.

 “We always assume things are going to be easier than they are,” Cutler said. “One of the things we’ve found over time is the sooner you can telegraph ahead that change is coming, the better. We’re not simply saying MFA is going to solve all of our problems, but it is going to solve a chunk of them. It is going to give us an opportunity to do other things. It is just one piece of the security and identity puzzle.”

Crystal Stewart, IT client engagement manager for Marshall, says the other important part of this puzzle is the education on these issues and their possible solutions. Stewart urges the importance of the IT Department’s “Stop, Think, Connect” campaign, which encourages students to think more deeply about where they are receiving their emails from and how to more accurately decipher whether information is truthful and real, or if it is a hacking scheme to give outside people access to Marshall University services, accounts, and information.

Stewart said, “So, we put out a lot of stuff about ‘Stop, Think, Connect’ so that we can educate our campus users to understand you need to take a second to stop, think about what are you clicking on, and then be aware before you log in to something that might look like Marshall, or even your Google account, that it might not be.”

The most important takeaway from this campaign and from these new services is the safety they provide not only to each individual student and staff member, but to the university as a whole and all of their important files that are left vulnerable during a hacking attack, even if just through one student’s email.

Rileigh Smirl can be contacted at [email protected].