Pages

Tuesday, September 26, 2017

Maybe it's just me...

...but I have a bad feeling about doing this (below) just as the quarter begins and folks need to access their course webpages, etc.

Email today addressed to administrators:

============

Multi-factor authentication (MFA) for UCLA Logon will become mandatory for all campus faculty, staff, and student workers on Tuesday, October 31, 2017.
Dear Colleagues:
Multi-factor authentication (MFA) is a security enhancement that requires two forms of verification when logging into your account and adds critical protection for user sign-ins and transactions. You likely already use MFA to access your ATM (swipe your bank card + enter your PIN) and online accounts (enter your logon credentials + a numeric code sent to your phone).
The deployment of MFA for UCLA Logon accounts is in response to a dramatic rise in the scope and sophistication of phishing, spear phishing, and malware attacks that are targeting our faculty and staff. The high rate of compromised credentials associated with these campaigns is an acute threat to information security at UCLA.
As you may know, many departments have already opted into MFA. MFA is painless to deploy with the right support, and the daily use of MFA is quick and easy. The deployment plan has been shared with campus IT staff, and IT Services is providing support to ensure a smooth transition. An announcement to all faculty and staff will be sent on Monday, October 2, 2017. You can review information about UCLA’s MFA program at MFA Deployment at UCLA.
As the nation’s top public university, our research, intellectual property, and institutional data are of high interest to state sponsored and organized cyber-criminals. Your financial and personal assets are also targets. Please provide your support for a successful MFA deployment by October 31. It will greatly reduce risk to our information security and also the likelihood that you too may be the next victim.
If you have questions or concerns, please send us an email at security@it.ucla.edu.
Sincerely,
Andrew Wissmiller
Associate Vice Chancellor
Information Technology Services
============
By the way, when I clicked on the link for more information above, Gmail popped up with:
You can ignore the warning above if you get it. But just saying...

No comments: