Starting on June 15, Southern Adventist University students were required to use a Multi-Factor Authentication App (MFA) in order to access Southern accounts.
In an email sent to the student body, Derek Sherbondy, associate director of Information Systems, defined MFA as an additional level of security for the protection of student accounts against security threats.
According to Sherbondy, increasing numbers of compromised accounts spurred the decision to add the security measures.
“We’re trying to do everything we can to protect our accounts and to make sure that we’re not compromised by ransomware or something else. And [MFA is] one of the steps,” Sherbondy said. “We were seeing that a lot of our compromised accounts were coming from students or alumni.”
MFA was implemented last year for employees and saw much improvement in compromised accounts, according to Sherbondy. The decision to apply MFA to students was made after taking into consideration the cyber-attacks that other universities and colleges were facing.
“We just want to stay ahead of our security to make sure that we’re keeping a student’s account safe,” Sherbondy said.
Hackers, according to Sherbondy, are drawn to “.edu” email addresses because they are known to be more reliable and therefore can bypass spam filters. In the past, Southern students have faced compromised accounts with some hackers even impersonating Southern employees, according to Sherbondy. Hackers often install viruses or gain access to student accounts by tricking them to log into a website, Sherbondy said.
He went on to explain that since the implementation of MFA, compromised account numbers are improving. Now, compromised accounts are usually limited to alumni accounts since they do not presently have MFA set up.
“We’re striving to do the best we can with our security. Our number one priority is protecting our data,” Sherbondy said. “We have [the students’] interest in mind when implementing this.”
