All Employees: Upcoming Information Security Enhancements
Dear DU employees,
In our continuous effort to maintain a safe and secure computing environment for our community members, IT@DU will be making updates to our Office 365 and remote access VPN services. To maintain our cyber insurance coverage, we will modify the way multi-factor authentication (MFA) is implemented across campus. The two most significant changes are as follows:
- The University of Denver will require the use of MFA, called Duo, for all faculty and staff when accessing our email service. This requirement must be met prior to our cyber insurance renewal date, Aug. 30, 2021.
- The University of Denver will require the Duo MFA for all remote access VPN users. This requirement must be met prior to our cyber insurance renewal date, Aug. 30, 2021.
To address these requirements in a timely manner, the IT@DU team plans to modify all faculty and staff user email accounts to require Duo within the coming weeks, with the goal of reaching compliance no later than Friday, Aug. 20. This will be done in a phased approach (blocks of users at a time) with notice given to each block of users prior to account modification. Users who wish to complete the Duo enrollment in advance of the planned mandatory change can open a ServiceNow Request. While approximately 432 employees (10.14%) have already voluntarily enrolled in Duo, we encourage everyone to sign up early.
Additionally, we will migrate all remote access VPN users to a new platform with Duo integration. Early notice of this planned migration will also be provided to the user community.
With the increase in ransomware attacks and other cyber events, it is extremely important that the University continue to maintain a strong security posture. The ability to acquire and maintain a robust cyber insurance policy is a key component of our Enterprise Risk Management Program that will provide significant benefit if the University were to experience a catastrophic cyber event. Whether using the DU networks and applications at work or on your home computer for personal reasons, everyone needs to be vigilant in protecting themselves against cyber attacks. MFA is one of the most effective tools available. More information is available at University of Denver Information Security.
We appreciate your patience and understanding as we implement these required security enhancements. Please look for a note from IT@DU in the coming days and weeks regarding your personal migration timeline.
If you have any issues after this change, please open a Help Center ticket or call 303-871-2000.
Senior Vice Chancellor, Finance
Executive Director of Enterprise Risk Management
Chief Information Security Officer