U.S. Department of Education to Implement Two Factor Authentication for G5 Domenica Pappas (17 Mar 2016 09:06 EST)
|
Re: U.S. Department of Education to Implement Two Factor Authentication for G5
Judy Bristow
(17 Mar 2016 09:14 EST)
|
Hello Colleagues, We will not provide personal cell numbers for authentication, only office numbers. It will probably add to the time of processing, but so be it. Domenica Domenica G. Pappas, CRA Director Sponsored Research and Programs President, Midwest Section Society of Research Administrators International Join us for our Meeting May 15-18, 2016 10 W. 35th Street, Suite 7D7-1 Chicago, IL 60616 Phone: 312-567-3987 Fax: 312-567-6980 Email: xxxxxx@iit.edu -----Original Message----- From: Research Administration List [mailto:xxxxxx@lists.healthresearch.org] On Behalf Of RESADM-L automatic digest system Sent: Wednesday, March 16, 2016 11:00 PM To: xxxxxx@lists.healthresearch.org Subject: RESADM-L Digest - 15 Mar 2016 to 16 Mar 2016 (#2016-64) There are 3 messages totaling 711 lines in this issue. Topics of the day: 1. U.S. Department of Education to Implement Two Factor Authentication for G5 Access (2) 2. software as capital equipment? ---------------------------------------------------------------------- Date: Wed, 16 Mar 2016 20:40:21 +0000 From: "McClure, Christine Lynn" <xxxxxx@PITT.EDU> Subject: U.S. Department of Education to Implement Two Factor Authentication for G5 Access All, We received the below notification regarding a new 2 factor authentication for every log-in to the G5. How are other institutions planning on handling this? All ideas are greatly appreciated! Thanks! Christine Christine L. McClure Associate Director for Grant Operations University of Pittsburgh Office of Research 123 University Place, B21 Pittsburgh, PA 15213 412-624-7400 www.research.pitt.edu<http://www.research.pitt.edu/> U.S. Department of Education to Implement Two Factor Authentication for G5 Access The U.S. Office of Management and Budget (OMB) has mandated that all federal agencies implement increased cybersecurity capabilities to prevent unauthorized access to government systems. In keeping with the OMB mandate, the U.S. Department of Education will be implementing a more secure means for users of the G5 GrantsAdministration System to gain access, referred to as two factor authentication. Soon, all G5 external users will be required to enter a second piece ofidentification in addition to their password when logging into the system. Two factor authentications (2FA) is a security process in which the user provides two means of identification from separate categories of credentials; one is typically something that you know, such as a password; and the other is something that you have, such as a security code you download from your mobile device.The combination of these two security factors makes it more difficult for someone to access government systems. Once both the first and second factors are validated,users are allowed into the system. G5 users are already required to enter a password when logging into the system. The second factor will be provided by a free application called Google Authenticator that G5 users download and register to their mobile devices. The device will then generate a unique code each time the user logs into G5. For users who do not own a mobile device, the code can be retrieved via a text message or a phone call. Two factor authentication will be rolled out to G5 users in groups, starting in mid-April 2016 and ending in June 2016. Specific details on how to download the Google application or use an alternative method of code retrieval will be provided to each user in an email shortly before their account is switched over to 2FA. In preparation for the 2FA switch, all G5 users will be encouraged to enter at least one phone number as well as provide two additional security answers on their G5 profile, starting March 14. When logging into G5 for the first time after this date, users can go to the 'My Profile' page where they can enter the additional data. For further information on the implementation of Two Factor Authentication for G5, you may contact the G5 Hotline at (888) 336-8930. Email secured by Check Point <br> ======================================================================<br> Instructions on how to use the RESADM-L Mailing List, including<br> subscription information and a web-searchable archive, are available<br> via our web site at http://www.healthresearch.org (click on the<br> "LISTSERV" link in the upper right corner)<br> <br> A link directly to helpful tips: http://tinyurl.com/resadm-l-help<br> ======================================================================<br> ------------------------------ Date: Wed, 16 Mar 2016 15:54:06 -0500 From: Lori Miller <xxxxxx@UNI.EDU> Subject: Re: U.S. Department of Education to Implement Two Factor Authentication for G5 Access I was required to use the 2 factor authentication on a different federal website. I had them call my desk phone and give me a code. I entered the code and then was able to log in (only to realize my password expired, so I had to start over again.....) Lori -- Lori Miller Post Award Support Services Coordinator Office of Research and Sponsored Programs 213 East Bartlett Hall Cedar Falls, IA 50614-0394 Phone: 319-273-4321 For deaf or hard-of-hearing use Relay 711 Fax: 319-273-2634 E-mail: xxxxxx@uni.edu On 3/16/2016 3:40 PM, McClure, Christine Lynn wrote: > > *All,* > > *We received the below notification regarding a new 2 factor > authentication for every log-in to the G5. How are other institutions > planning on handling this? All ideas are greatly appreciated!* > > *Thanks! > Christine* > > Christine L. McClure > > Associate Director for Grant Operations > > University of Pittsburgh > > Office of Research > > 123 University Place, B21 > > Pittsburgh, PA 15213 > > 412-624-7400 > > www.research.pitt.edu <http://www.research.pitt.edu/> > > ** > > ** > > *U.S. Department of Education to Implement Two Factor Authentication > for G5 Access* > > The U.S. Office of Management and Budget (OMB) has mandated that all > federal agencies implement increased cybersecurity capabilities to > prevent unauthorized access to government systems. In keeping with the > OMB mandate, the U.S. Department of Education will be implementing a > more secure means for users of the G5 GrantsAdministration System to > gain access, referred to as two factor authentication. Soon, all G5 > external users will be required to enter a second piece > ofidentification in addition to their password when logging into the > system. > > Two factor authentications (2FA) is a security process in which the > user provides two means of identification from separate categories of > credentials; one is typically something that you know, such as a > password; and the other is something that you have, such as a security > code you download from your mobile device.The combination of these two > security factors makes it more difficult for someone to access > government systems. Once both the first and second factors are > validated,users are allowed into the system. > > G5 users are already required to enter a password when logging into > the system. The second factor will be provided by a free application > called Google Authenticator that G5 users download and register to > their mobile devices. The device will then generate a unique code each > time the user logs into G5. For users who do not own a mobile device, > the code can be retrieved via a text message or a phone call. > > Two factor authentication will be rolled out to G5 users in groups, > starting in mid-April 2016 and ending in June 2016. Specific details > on how to download the Google application or use an alternative method > of code retrieval will be provided to each user in an email shortly > before their account is switched over to 2FA. > > In preparation for the 2FA switch, all G5 users will be encouraged to > enter at least one phone number as well as provide two additional > security answers on their G5 profile, starting March 14. When logging > into G5 for the first time after this date, users can go to the 'My > Profile' page where they can enter the additional data. > > For further information on the implementation of Two Factor > Authentication for G5, you may contact the G5 Hotline at (888) 336-8930. > > > > Email secured by Check Point > > <br> > ======================================================================<br> > Instructions on how to use the RESADM-L Mailing List, including<br> > subscription information and a web-searchable archive, are > available<br> via our web site at http://www.healthresearch.org (click > on the<br> "LISTSERV" link in the upper right corner)<br> <br> A link > directly to helpful tips: http://tinyurl.com/resadm-l-help<br> > <http://tinyurl.com/resadm-l-help%3Cbr%3E> > ======================================================================<br> Email secured by Check Point <br> ======================================================================<br> Instructions on how to use the RESADM-L Mailing List, including<br> subscription information and a web-searchable archive, are available<br> via our web site at http://www.healthresearch.org (click on the<br> "LISTSERV" link in the upper right corner)<br> <br> A link directly to helpful tips: http://tinyurl.com/resadm-l-help<br> ======================================================================<br> ------------------------------ Date: Wed, 16 Mar 2016 23:23:20 +0000 From: "dougm (Doug Mounce)" <xxxxxx@CRAB.ORG> Subject: software as capital equipment? Does anyone have strong opinions and/or policies about classifying software > $5K as capital equipment? I know we used to do that if we bought an instrument that included custom software, and we would sometimes add software to the tagged piece of machinery and call it equipment (like replacing a carburetor for performance compared to replacing worn-out tires), but nowadays with stand-alone licenses costing more than the hardware how do you classify the item? (I've always said that the ADP line on the SF424 is where you put software. And the Commandant of the Marine Corps called it ADPE back in 1987.) In any case, our organization only charges indirects on direct labor so this is more a question of category approval rather than cost or rate negotiations. Thanks! Doug Email secured by Check Point <br> ======================================================================<br> Instructions on how to use the RESADM-L Mailing List, including<br> subscription information and a web-searchable archive, are available<br> via our web site at http://www.healthresearch.org (click on the<br> "LISTSERV" link in the upper right corner)<br> <br> A link directly to helpful tips: http://tinyurl.com/resadm-l-help<br> ======================================================================<br> ------------------------------ End of RESADM-L Digest - 15 Mar 2016 to 16 Mar 2016 (#2016-64) ************************************************************** Email secured by Check Point <br> ======================================================================<br> Instructions on how to use the RESADM-L Mailing List, including<br> subscription information and a web-searchable archive, are available<br> via our web site at http://www.healthresearch.org (click on the<br> "LISTSERV" link in the upper right corner)<br> <br> A link directly to helpful tips: http://tinyurl.com/resadm-l-help<br> ======================================================================<br>