To help protect against data fraud and payroll theft, Information Technology Services (ITS) is implementing Two-Step Verification for Northern Arizona University employees. Two-Step Verification is a security measure that requires two factors to verify your identity online. These factors include something you know (your password) and something you have (your mobile device or hardware token).
Several groups on campus already use Two-Step Verification because they handle sensitive or highly sensitive data, and it is available for voluntary enrollment today. Plans are under development for total employee and faculty enrollment, as well as requiring phishing victims to have Two-Step Verification enabled. These plans are in response to the increasingly sophisticated and persistent threats of payroll theft.
As a reminder, phishing is an attempt to illegally acquire personal information such as usernames, passwords, bank information, etc., by posing as a trustworthy source. Two-Step Verification is a strong defense against successful phishing.
Employees are encouraged to voluntarily self-enroll now. A faculty and staff enrollment campaign will begin in the fall to ease the transition for employees by allowing time to adjust and receive support if necessary prior to the required enrollment date.
For additional information about the handling of sensitive data, the Data Classification and Handling policy can be found online.
For questions about Two-Step Verification, contact ITS.