Multi-factor authentication vital to the University’s security

Each day, millions of attacks on the University’s IT systems and services are blocked. Unfortunately, however, attacks can sometimes gain access to important information in the systems. To reduce this risk, the University is introducing multi-factor authentication. Photo: Getty Images.

Although the multi-factor authentication now being introduced at the University may make things a bit more complicated for staff, it is a necessary step to enhance IT and cybersecurity.

Every day, businesses and public authorities are subjected to cyber attacks. This reality will hardly have escaped anyone who follows the media. In fact, the number of attacks has doubled in recent years and the education sector is affected by more than one in ten attempted intrusions.

As an important step in minimising the risk of attackers accessing information, the University is gradually introducing multi-factor authentication into more and more IT systems and services. Multi-factor authentication means that users have to use at least two different credentials to log in to IT systems.

“All staff need to enable multi-factor authentication on their University account. Every year, universities have hundreds of accounts hijacked where the main purpose is usually to access our information. Multi-factor authentication is a very big step forward involving minimal effort,” notes Veronika Berglund, Head of the Information Security Department at the University Administration.

Attacks can be devastating

The majority of attempted intrusions are prevented, but a successful attack can bring large parts of an organisation to a halt.

When Coop’s POS system was hit by a ransomware attack in 2021, three out of four stores had to close for four or five days, entailing major financial consequences. All types of organisations can be severely affected, as shown by incidents at the Church of Sweden, SUNET, Maastricht University and most recently the IT provider Tietoevry. That attack brought down the Systembolaget website and disabled the payment systems of Filmstaden, Rusta and Granngården. In addition, the payroll system of a number of public authorities was affected, though not the payroll system of Uppsala University.

Of course, Uppsala University is not exempt from attacks. On the contrary, a major phishing attack was carried out just over a year ago, with around 300 accounts and their names and passwords being accessed. In this particular case, the University Administration was able to stop the attack and ensure that all accounts had their passwords changed before any damage was done.

Another example of an attack on the University was in the summer of 2023. On that occasion, the details of just one user account were enough to access large amounts of data in issue tracking systems and documentation tools used by the University Administration.

Millions of attacks every day

The statistics on how many potential attacks are stopped around the clock are also interesting in this context:

  • Every day, the University’s email filter blocks over one million spam emails.
  • Every day, around six million attempted intrusions into the University’s network are stopped.

Although the email filter blocks over a million spam emails per day, we all know that a number of spam emails manage to slip through the filter.

Often rooted in phishing

Several of the biggest attacks on digital systems in recent years have been initiated via “phishing”. Phishing involves fraudsters trying to trick an individual into giving up important information. Hijacked login credentials can be disseminated or used to do harm in the form of blackmail or disinformation.

Of course, to deal with this new reality, the University needs to continuously work on strengthening IT and cybersecurity. More secure systems are needed, while all staff must be cautious and learn to be suspicious and detect fraud attempts.

Multi-factor authentication vital to security

An important step in developing more secure IT systems is the introduction of multi-factor authentication, which has been introduced into more and more IT systems and services. The majority of the most common types of attack can be avoided by deploying multi-factor authentication. As a member of staff, you need to enable multi-factor authentication on your University account.

The plan is for most of the University’s digital platforms to eventually use multi-factor authentication for a more secure login.

“The University should move towards enabling multi-factor authentication on all services where information and interaction are not public. Such material needs to be protected to deliver a secure IT environment. This follows the guidelines from the Swedish Civil Contingencies Agency and is a natural development in terms of ensuring the University’s digital work environment against phishing, cyber attacks and extortion,” Berglund continues.

Work on introducing multi-factor authentication has already accelerated following the summer incident. Multi-factor authentication has been introduced to secure certain systems with high security requirements, such as Vesta (storage of research data) and SESAM (administration of access rights).

“In 2024, more systems will have multi-factor authentication activated. For example, collaboration workspaces in SharePoint are a new service that have built-in support for this method and are a good candidate to start a broader launch of multi-factor authentication,” explains Per-Olof Andersson, Head of University IT Services.

Note that your user account and collaboration workspaces will require separate activation of multi-factor authentication – find out more in the fact box below.

Peter Waites

Anders Berndt

Frequently asked questions

What does multi-factor authentication entail for me as a user?

The introduction of multi-factor authentication means that users must use at least two different credentials to log in. In practice, this involves using an app on your phone to verify your identity after entering a username and password. The solution is similar to using BankID to log in to your bank online.

What happens if a member of staff does not activate the multi-factor authentication themselves?

At present, nothing will happen. However, when that staff member needs to access a system that requires multi-factor authentication, they will first have to enable multi-factor authentication.

Why are there different methods for logging into the collaboration workspaces and the user account?

For purely technical reasons, everyone needs to create a specific login for the collaboration workspaces in SharePoint. The University’s wide range of digital systems and services are highly interconnected, making it complicated to make all solutions work in exactly the same way. In terms of security, there is no difference at all. Once your multi-factor authentication is up and running, it will work similarly across all systems.

How do I get started?

Guides to activate multi-factor authentication on your user account can be found on the Staff Gateway under “Log in securely”. Microsoft Authenticator is the recommended app for multi-factor authentication at Uppsala University.

The guide for activating login with multi-factor authentication for collaboration workspaces in SharePoint is called “Activate multi-factor authentication for SharePoint Online”.

How often do I need to log in?

Each service requires a new login after enabling multi-factor authentication. However, each system has different login frequency requirements. In SharePoint, for example, the frequency is relatively low as long as you are using the University’s network. However, if you switch workplaces or restart your computer and want to access a protected service, you may need to log in again.

How many people have activated multi-factor authentication?

Currently, more than 1,100 members of staff have activated multi-factor authentication to manage their account details.
