Multifactor authentication and you
From Fermilab Today, Aug. 9, 2016
Multifactor authentication, or MFA, is the current hot topic in the U.S. government realm when it comes to cybersecurity. An executive order for federal entities and national labs requires implementation of multifactor authentication by Sept. 30. This is in response to last year’s data breach in which millions of federal (and nonfederal) employees’ sensitive data was stolen.
Multifactor authentication means that a class of individuals who access certain types of data will need to use two different forms of identification in order to log in to these systems. In our case, this will include both a password and a cryptographic key called an RSA token. (Some users, particularly system administrators, are called “privileged users.” These users have different authentication requirements and have already been contacted by members of the MFA project team.)
While this initiative sounds burdensome, we have worked hard to minimize the impact to the lab. The majority of our scientific and lab users will be exempt from having to use multifactor authentication. Only those people who work with personally identifiable information (such as date of birth, SSN and visa numbers) or business confidential information will be affected ― that means fewer than 300 of the lab’s 1,800 employees.
Updated Aug. 23, 2016