Why are we doing this? 

San Francisco State underwent a Chancellor’s Office (CO) mandated Information Security audit in Fall 2019. One of the observations noted that user access in Campus Solutions (CS) needed improvement. To resolve this finding by the audit due date, Information Technology Services (ITS) is designing job-related templates that group permissions based on the type of work performed. This new approach was approved by the Chancellor’s Office and will streamline the CS access request and approval process. Successfully implementing this approach will involve collaborating with faculty and staff across campus.

Our goals

• Improve the security of our data resources
• Improve the way campus community members request access
• Improve the response time and transparency of the request process
• Empower data owners to set, approve and annually review access to the data in their care

Status Update:

Project extended through November 2022 to accommodate the needs of impacted SF State units and resource limitations. 

This project includes GTAs, enrolled students, and continuing education students. Deliverables include a standardized process for incoming students to sign up to two-factor authentication as part of their SF State email account setup.

Benefits

• Enable Duo Two-Factor Authentication for all student accounts that access: SF State managed applications containing level 1 data, SSO (Single Sign-On), VPN, Privileged accounts that manage cloud applications. 

• Improve security posture

• Reduce compromised accounts due to phishing attacks 

Related projects: 2FA Staff (completed), 2FA Faculty (completed), 2FA Student, 2FA Community Members