In a world that’s built on technology, nothing is more important than security. Your small actions make a big difference for your security, both at home and at Johnson & Wales University.
Enhancing Account Security with Multi-Factor Authentication (MFA)
Protecting Johnson & Wales University and Personal Data
In the modern digital landscape, depending solely on passwords exposes sensitive information to cyber threats. Attackers commonly employ phishing and social engineering tactics to compromise accounts and gain unauthorized access. To address these risks, Johnson & Wales University (JWU) requires Multi-Factor Authentication (MFA) for all university accounts, adding a crucial additional layer of protection.
How MFA Strengthens Security?
MFA improves account security by requiring users to verify their identity using two or more distinct methods. These methods can include a password (something you know), a phone or security token (something you have), or biometric data such as fingerprints or facial recognition (something you are). If a password is compromised, an attacker would still need the second authentication factor to gain access, making it much harder to breach accounts.
Defending Against Threat Actors
This enhanced security helps protect against threat actors—individuals or groups who intentionally target systems, networks, or users. By requiring multiple forms of verification, MFA is widely considered a best practice for safeguarding organizational and personal accounts. It greatly reduces the likelihood of unauthorized access.
The Impact of MFA at JWU and Beyond
Implementing MFA at JWU not only helps protect university data but also promotes greater awareness of cybersecurity risks among users. Extending MFA protection to personal accounts—including financial, email, and social media—is both simple and highly effective for securing personal information. Everyone is strongly encouraged to enable MFA on their accounts to prevent unauthorized access and lower the risk of identity theft.
Common Targets and Threats
Threat actors often seek to steal personal or financial data, hijack email accounts to launch phishing attacks, or access other sensitive resources. Understanding these objectives is essential for university students, faculty & staff.
Limitations and Ongoing Vigilance
While MFA significantly enhances account security, it is not infallible. Sophisticated attackers may attempt to bypass MFA by sending deceptive “verification” emails that link to phishing websites where both passwords and MFA codes are requested. They may also impersonate IT staff by phone, attempting to trick users into revealing MFA codes. If successful, these techniques can allow attackers to infiltrate JWU accounts, send phishing messages, and access university data.
Best Practices to Minimize Risk
- Never share MFA codes or approve sign-ins you did not initiate.
- Be skeptical of any email or phone request for verification or MFA codes.
- Remember: JWU IT will never ask for your MFA code.
- If you have any doubts about an email, forward it to phishing@jwu.edu for investigation by our team.
By remaining vigilant and consistently using multi-factor authentication, you help protect your accounts and contribute to a safer, more resilient digital environment for everyone at JWU.
Information
Information Security Services (ISS) aims to facilitate and further the Mission and Guiding Principles of the University while maximizing the confidentiality, integrity, and availability of the JWU’s distributed information technology assets, systems, networks, and data.
Be aware... click it with care. |
Care to be aware! |
Report an Incident |
||
|
Don’t be Quick to Click…beware of the emails that intend to steal your valuable information |
Looking for resources to help |
Feel there’s something odd in the email or your account? Please report the incident and our team of experts will take a look at it for you. |
||