Taking Steps to Strengthen CalNet Security
Following a successful pilot program, the CalNet Team enabled CalNet 2-Step for all employees as of August 28, 2017.
Berkeley has suffered security compromises in recent years. Our open environment design, SSO practice and expanding use of devices all contribute to the risk of compromise. To mitigate this risk, we are implementing two-step verification, which adds another layer of login authentication to better protect institutional and personal data, following a best practice successfully adopted by many higher education Institutions. The project aligns with Berkeley Security’s strategic direction to move from a “detect-and-react” model to active prevention.
The overall goal for the CalNet 2-Step implementation is to cover CAS, proxy and native login applications and services. The first phase focuses on developing the necessary infrastructure for campus employees to voluntarily sign up for two-step verification for CAS applictions.
The second phase will include integrations with proxy and native login applications and services and the ability for applications and groups to require 2-Step of their uers. We will work with service owners to implement the 2-Step verification requirement and adoption for their services. The actual list of services to be integrated will depend on the readiness of IT partners to participate. The second phase will also allow students and alumni to opt in to CalNet 2-Step.
- Executive sponsors: Matt Wolf
- Functional sponsor: Jeremy Rosenberg
- Project manager: Ronnie Ong
- Team member: Karl Grose