Douglas College has implemented Multi-Factor Authentication (MFA) for all employees for off-campus Microsoft 365 account access to reduce the possibility of breach of confidential information. MFA for students is required for both off-campus and on-campus access. From October 13, 2021, MFA is required to connect to VPN. GlobalProtect VPN is an application that allows employees to connect securely to the College network off-campus. Since the Winter semester 22/23, MFA is also required for Citrix access for both employees and students.
Can I use my personal device to set up MFA?
- Yes, you can use your personal device to set up MFA, simply download and install the Microsoft Authenticator app from your device’s app store. Tip: For added security, we recommend enabling a lock screen password on your device, this will help protect your account and personal information in case your device is lost or stolen.
Do administrative and generic accounts (accounts that are used by more than one person) have to be enrolled in MFA?
- We are rolling out MFA to generic accounts. Eventually, all accounts will be protected by MFA.
Which services require MFA authentication?
- To enhance your security, Multi-Factor Authentication (MFA) is required for the following services:
- All Microsoft 365 applications.
- Banner
- Bonfire
- Citrix
- Regroup
- Salesforce
- TDX
- VPN
How often do I need to authenticate using MFA?
- The frequency of MFA authentication can vary and depends on many factors, including:
- Your account type (e.g., student, employee, contractor, etc.).
- The device you're using to log in.
- The application you're accessing.
- Logging in from a different location (such as a new city, province, or country).
Additionally, if Microsoft’s Artificial Intelligence detects unusual login patterns, you may be required to re-authenticate more frequently as an added security.
Helpful Security Reminder:
You’ll only be asked to authenticate with MFA when actively signing in. If you receive a notification but haven’t attempted to log in, simply tap “No, it’s not me” in your Microsoft Authenticator app to protect your account. If this happens often, we recommend resetting your CNA password online or calling the IT Service Desk for assistance.
What applications/systems are currently protected with MFA?
- Employees will need MFA authentication for all Office 365 cloud products, including Email, Teams, SharePoint, and OneDrive. VPN access is also protected by MFA. More applications are expected to be protected with MFA in the future.
Can I choose to receive a call or a text message instead of setting up the Microsoft Authenticator app?
- While text messages and phone calls have been commonly used for Multi-Factor Authentication (MFA), they are not as secure as other methods. Text messages are unencrypted, and phone calls can be intercepted, which poses potential security risks. Microsoft will be moving away from using text messages and phone calls for MFA. We strongly recommend setting up the Microsoft Authenticator app for a more secure and reliable authentication experience.
What other options are available for MFA if I don't have a smartphone (for employees)?
- If you don’t have access to a smartphone, you can request a hardware token as an alternative for Multi-Factor Authentication (MFA), simply contact IT Services Service Desk. Please note that it may take some time to set up, test, and deliver the hardware token. There are a few factors to consider when using a hardware token:
- You’ll need to have the token with you whenever you need to authenticate your account.
- If the token is lost, you may need to request a replacement, which could involve a cost and time for processing.
- Set-up and delivery times may vary depending on your availability. To ensure a smooth experience and uninterrupted access to your account, we recommend planning and allowing some time for setup
What if I experience issues with MFA?
- You can review Microsoft’s MFA Troubleshooting Page or email the Service Desk at servicedesk@douglascollege.ca.
What if I forget my mobile device at home while traveling?
- If you forget your mobile device at home, you can use your backup authentication method. If that doesn't solve the problem, please email the ITS Service Desk at servicedesk@douglascollege.ca.
Who is currently impacted by MFA?
- The College has deployed MFA for all employees. Applications currently protected by MFA include Microsoft Suite of Products and VPN. The College is now rolling out MFA to students. We are also working on expanding MFA to other applications, such as Citrix and centrally authenticated applications (e.g. LinkedIn Learning, Qualtrics, Blackboard).
Who is required to use MFA and when can I set it up?
- All students, faculty, employees, contractors and other external users using the college network infrastructure and applications are required to use Multi-Factor Authentication. Once your CNA account is set up, you will be prompted to set up your MFA as soon as you sign.
My device was lost/stolen, what can I do?
- If your device is lost or stolen, it’s important to act quickly. Please contact the IT Service Desk as soon as possible so that we can assist you.