Health Information Technology & Services (HITS) and Information and Technology Services (ITS) recently asked their staff to use two-factor authentication (Duo) whenever they log in using the Weblogin page. The requirement to enroll in Duo was effective January 4 for HITS and January 25 for ITS, making them the first U-M units to set this staff-wide expectation. “We know how important two-factor is, so we expect our own staff to use it,” says DePriest Dockins, assistant director for ITS Identity and Access Management.
The organizations made the decision for their staff to use two-factor authentication for Weblogin because there is a higher risk to institutional systems and data if the credentials of information technology professionals are compromised, and also to be a good example to the rest of the U-M community. “Our security posture improves when IT professionals take advantage of additional security measures like Duo,” says Sol Bermann, interim chief information security officer and university privacy officer. Adds Jack Kufahl, chief information security officer for Michigan Medicine, “using Duo for Weblogin helps people protect their own private information, such as their W-2 in Wolverine Access, as well as their account and all the data it has access to.”
If you haven’t already done so yourself, please consider joining ITS and HITS staff and turn on two-factor for Weblogin for yourself. Your password needs a partner — two-factor authentication. It’s good for you and the U!
Jessica Rohr (ITS Communications) contributed to this story.