The spread of cyber attacks is rampant. Every day, more people get official-looking but dangerous emails asking them to log into sites masquerading as official sites — instantly letting criminals into the data systems of hospitals, banks, schools and more.

Like all major organizations, Brock University is a regular target, and in a move to protect itself and its community, Brock is joining scores of institutions around the world in adapting Multi-Factor Authentication (MFA).

MFA is probably the single most effective way to protect an organization against remote attacks and prevent criminals from seizing control of sensitive files or personal information. It follows the same high-security principle as a bank card at an ATM, which requires a user to have a PIN number to use it.

When Brock users get access to MFA, they receive notifications through their mobile device or smartphone — asking them to confirm they have just tried to log into Office 365 or Workday.

Brock has begun a phase-in campaign that will eventually require all faculty, staff and students to use a mobile device to confirm their identity when they log in.

There has been an initial test launch in some administrative departments, enabling Information Technology Services (ITS) staff to fine-tune the system and iron out any bugs. Finance and Human Resources were among the first to adapt to the new system. Spring students will be required to use MFA in the next few weeks, and in the coming months, it will continue to be rolled out to all students and administrative and academic units. 

Initially, MFA will be required for anyone accessing Workday or Office 365. It will eventually be applied to all systems such as Sakai, Brock DB and others. Virtual labs will also require MFA.

David Cullum, Brock’s Associate Vice-President of ITS, said MFA is an important shield in the age of cyber attacks. 

“The attacks we face at Brock are increasing every month,” said Cullum, “and we need to protect assets and everyone’s personal data. This is just a fact of life in the 2020s. Universities, hospitals, banking, police services — they’re all moving to MFA.” 

The Microsoft Authenticator Applications is the recommended method for MFA. It is a secure application that can be downloaded to Brock users’ mobile phones in order to approve MFA logins.

The Application is used by thousands of organizations across multiple sectors, and is only used for MFA. It does not have the same security risks as downloading games and other apps that may not be secure and could result in malware being embedded in these types of applications.

Anyone without access to a smartphone or who has additional questions about the MFA process can email ithelp@brocku.ca 

For more information about MFA, visit Brock’s Information Technology Services website.