VPN access with multi-factor authentication

Multi-factor authentication (MFA) with Duo Security is being rolled out across CSU throughout 2019.

MFA is one of the most effective controls that can be used to prevent an attacker from gaining access to IT services and sensitive information. It strengthens access security by requiring two or more methods – also referred to as factors – to verify your identity. These factors can include something you know – like a username and password, plus something you have – like a smartphone app to approve authentication requests.

Do you use VPN Admin or VPN Staff access?

If you use VPN Admin access you should have received an email to enrol with Duo Security. The cut-off date to enrol is 8 May 2019. If you do not enrol by this date, your access to VPN Admin will be removed.

As soon as you have registered with Duo Security you can start using MFA for VPN access using the CSU-Admin group.

If you use VPN Staff access you will receive an email to enrol with Duo Security from 10 May 2019. Note: Only users who have accessed the service since September 2018 will receive the email.

MFA usage for 2019

Total monthly authentications for multi-factor authentication showing January 517, February 669 and March 726
Multi-factor authentication types for March showing Passcode 20%, SMS 1%, Voice 1% and Push 78%

The implementation of MFA at CSU reduces the risk of staff accounts being compromised, providing less opportunity for fraud. It’s an important activity in ensuring our compliance with the Audit Office of NSW and safeguarding the university’s reputation.

More information

Visit the multi-factor authentication page under the IT Services site.

If you have any questions about the implementation of multi-factor authentication contact Shane Meekin-Sutherland on 84140.

Subscribe to DIT News to keep updated on the progress of MFA implementation at CSU.