Introducing 2FA at FIT
Due to the rising levels of cyberattacks that have been so visible in the media, it is important that FIT and the FIT community take the necessary steps to better protect the college and its data from cyber harm or theft.
This announcement and video explain how and why we need to make these changes to better protect FIT’s critical information and systems. Like many other campuses, at SUNY and elsewhere, we’re going to make FIT safer by implementing two-factor authentication—2FA for short. 2FA works by requiring two levels of login “authentication”—a password and a code. Most people elect to have this code sent via text message to a smartphone.
2FA is the single best protection against credential theft. Most cyberattacks begin through the theft of a user’s password, usually by fraudulent emails. If an attacker manages to steal an FIT password, it opens a horrible door—they can log in and pose as an FIT employee to explore our network and begin to steal or ransom information.
And so to secure the college against credential theft, we’re going to implement 2FA in two ways. First, 2FA will be required for all VPN logins beginning on Tuesday, March 16. Second, in the coming weeks we will add it to Google FIT address logins as well.
We will follow up with more details about exactly how and when this rollout will occur, but please be assured that we will do our best to make it as easy as possible.
Thanks very much for your support of this critical initiative. Applying 2FA to VPN and FIT logins is going to make the college—and your correspondence and data—exponentially more secure.
Laurence Baach
Vice President for Information Technology and CIO