In February, OIT announced that all matriculated students will be required to use Duo Security’s Two-factor authentication (2FA) when accessing select university services, starting with my.SMU. OIT knew that getting the large student population registered before the April 1 deadline would be a challenge, and started an aggressive campaign to not only make students aware of the coming change but to encourage them to enroll their devices before Duo was enabled. As of this writing, over 4,400 students are newly committed to protecting their accounts with Duo Security.
“Security is No Joke” Campaign
Protecting an account with two-factor authentication reduces the risk of compromised accounts and stolen personal information. The “Security is No Joke” campaign was announced on February 7, 2019, and launched on March 1, 2019. The marketing efforts focused on the ease of the registration process as well as the security benefits.
Communications were created and distributed through bulk emails, digital and physical signage, and social media. The IT Help Desk reached out to advisors and the Office of New Student programs to help spread the message through multiple groups. As an incentive for early enrollment, OIT offered up several Amazon gift cards to any student that enrolled before March 24, 2019. Ru Ferguson was awarded the first $200 Amazon gift card for enrolling before March 10, 2019. John Rodgers and Karlie Johnson won the other gift cards in the following weeks for $150 and $100 respectively.
The Final Push
A few days prior to implementation, the registration numbers were lower than we had anticipated. Enrollment Services assisted in notifying students with an email and OIT hosted a table in Fondren Library for several days with hands-on assistance. These last-minute efforts helped enroll the largest group of students.
At 7 a.m. on April 1, 2019, Duo Security’s Two-factor authentication was enabled for all student accounts accessing my.SMU. Within the first 8 hours, almost 1,000 students enrolled, and by midday Friday, that number had grown to over 3,000.
Next Steps for Duo
Despite the large number of students who were impacted by this change, the IT Help Desk saw a very small increase in call volume. Most of these Duo related calls were simply questions on how to use the app or how to enroll their device. Overall, the transition to two-factor authentication has been very smooth.
In the coming months, we will enable two-factor authentication to other services. The next service on the roadmap is Office 365. Two-factor authentication for Office 365 is currently scheduled for May 28, 2019.
As students transition out of SMU, they will find many employers use two-factor or multi-factor authentication to protect company accounts. Their experience with Duo Security here at SMU will provide them with one more competency that may be expected in the workforce.