Following the lead of UT System, the UT Austin Information Security Office (ISO) has made an update to the Information Resources Use and Security Policy by adding section 4.6.4, which states that two-factor authentication (2FA), is required, “When an employee or other individual providing services on behalf of the University who is working from a Remote Location accesses a web-based interface to University email.” Desktop and mobile clients are not included at this time.
Both Office 365 and UTmail will be in scope. For Office 365, this includes the Outlook Web App, Microsoft Outlook for iOS & Android, Office 365 applications like Microsoft Teams and Project Online, and initial sign-in to Office Suite applications downloaded from the Office 365 Portal. For UTmail, only business accounts will require 2FA. These are a small percentage (~5%) of the overall accounts and are typically used by faculty and staff. They are distinct from the personal accounts typically used by students, alumni and retirees, which will not be required to use 2FA.
This policy change is targeted for full implementation in early October 2018, ahead of the November 9, 2018 deadline as mandated by UT System, in an effort to avoid any potential conflicts with the Workday launch. Testing has validated the use of the existing campus 2FA solution, Duo, for accessing the Office 365 web portal, similar to the process for claiming your W-2. However, UTmail business accounts will require the use of Google 2-Step Verification. Documentation is available for both services:
- Office 365: https://ut.service-now.com/utss/KAhome.do?number=KB0017056
- UTmail: https://ut.service-now.com/utss/KAhome.do?number=KB0017061
Additionally, notifications have been posted to the login screens of both services to alert end users of this upcoming change.
For more information about the Two-factor Authentication for Web-based Email, please visit https://it.utexas.edu/projects/2fa_for_web_based_email/overview.