Skip to main content
Eastern Illinois University

Panthertech

ITS Authentication Policy

Policy Statement

Access to University information and/or information resources must be done using identifier and authenticators that are unique to each individual and/or group. Authenticators used by users must meet minimum complexity requirements, be distributed to users in a secure manner and be known only to the intended user. All access granted through the use of identifier and authenticators must be revoked immediately upon separation from the University and/or the revocation of individual’s need to access such information.

Reason for Policy

It is important that the University develop controls over the manner in which user identifier and authenticators are established, distributed and revoked. Such controls allow the University to be reasonably assured that only the individual for whom the identifier was assigned has access to the information and information resources the identifier allows. In addition, the establishment of unique identifiers allows the University to track down suspicious and/or malicious activity to a specific individual or account.

Entities Affected By This Policy

All personnel of the Eastern Illinois University community to include but not limited to faculty, staff member, students, and annuitants.

Contacts

EIU Information Security 217-581-1939

Definitions

Information resources - Information Resources are defined as any items, including telecommunication equipment, computer systems, applications, network equipment, and other equipment, goods, and services related to the processing, storage, transmission and collection of University information.

Non-public Information - Non-public information is any information designed for internal University use and not for release to the public. This information includes, but is not limited to, memos, internal e-mails, reports, course work, etc. This information may be subject to open records laws, however the intent of the work is not public use.

Protected Information - Protected information is any information that is currently covered by local, State or Federal regulation or contractual obligations such as PIPA, FERPA, HIPAA, GLBA, and PCI DSS.

User identifier - A User Identifier is any unique object that is used to positivity identify one individual from another. User Identifiers can take the form of a user ID, a hardware token, etc.

User authenticator - A User Authenticator is an object (such as a password) that is used to ensure that the user identifier (such as a username) is used by the appropriate individual to which the identifier is assigned. User Authenticators can take the form of PINs, passwords, etc.

Group/service accounts - An account that is used to provide multiple users with the ability to access a service.

Principle

User Identification and Authentication

Device Identification and Authentication

Authenticator Management

Authenticator Security

Multi-Factor Authentication (MFA)

The addition of multifactor authentication adds a layer of security which helps deter the use compromised credentials, or the unauthorized use of another’s log-in information. “Multifactor Authentication (MFA)” is a method of computer access control in which a user is granted access only after successfully presenting multiple separate pieces of evidence to an authentication mechanism – typically at least two of the following categories: knowledge (something they know), possession (something they have), and inherence (something they are). EIU utilizes the Duo Security software application for MFA.

Related Documents:

Last Date Reviewed: 06/13/2024

CONTACT THE DEPARTMENT

Technology Support

217-581-4357
support@eiu.edu