By: JIM IRIZARRY
Staff Writer/Copy Editor
Hackers LOVE getting other people’s information.
What people think makes them safe from getting their information hacked is their level of power or stardom. Of course, the thought “no one’s going to figure out my password” also feeds into this belief.
Try telling that to several professors in the IU system, including one at IUSB, that have lost paychecks due to having their personal and professional information compromised.
“The university has been under attack from outside forces,” said Joel Langston, Media Services Director for IUSB’s University Information Technology Services to members of the SGA at the November 5 meeting.
That is why UITS has been implementing two-step verification. Since August, it has been mandatory to have two-step verification to access personal and financial information, including direct deposit and bursar refunds. Beginning January 3, 2017, it will be mandatory for all IU employees and personnel to use two-step verification to log in through IU’s Central Authentication Service, or CAS.
To put it simply, if you receive a paycheck from the university, it will be required for you. This includes student employees, faculty, staff and affiliates. Why is it necessary?
“In general terms, this is a second layer of security to help students, faculty and staff avoid account hijacking, losses financially and educationally, et cetera,” said Paul Sharpe, Executive Director of UITS at IUSB.
Sharpe says that the main reason why people at the university have been compromised is because they were not set up for two-step verification.
Two-step verification isn’t limited to just your personal and financial records, but also to your classes. According to Sharpe, faculty will have to dual authenticate to use Canvas, as well as students. The second step of two-step verification comes through the Duo security app.
“This app [the Duo app] on a smartphone makes it as easy as you can get it,” Sharpe said.
To set up an IU Duo account, visit two-step.iu.edu. This account will be necessary to use the Duo app.
The Duo app is available for free in both the iTunes and Google Play app stores. After downloading, simply follow the directions to set up two-step verification. When you attempt to log on to anything through One.IU through CAS, the app will send a push message to your device. Simply verify that it is you that is trying to access your account and the log-in process will finish.
If you do not have a smartphone or tablet, Duo’s two-step verification can still work by authenticating with call and text passcodes. Passcode key fobs and U2F (Universal Second Factor) tokens are also available through UITS.
For Indiana University and UITS, two-step verification is just another move to combat identity theft and information hacking against its faculty, staff and students.
“It’s out of necessity; it’s all a game,” Sharpe said. “We’re trying to stay one step in front of the bad guys. No matter where you are, somebody wants what you have and they don’t want to work for it. They just want to take it. It doesn’t happen that often, but it does happen.”
Sharpe believes it to be of everyone’s best interest to go to two-step verification, as everyone on this campus and in this university will need it sooner or later. If you are having trouble setting up the system, call the UITS support center at (574) 520-5555 or stop by the help desk in Wiekamp Hall, Room 1245.
To set up two-step verification for your IU account, visit here for more information.
If you have problems, call UITS at (574) 520-5555 or visit the help desk in Wiekamp Hall, Room 1245.