Multi-factor authentication coming up for VPN
On 15 April 2024, multi-factor authentication will be introduced for connecting to Uppsala University’s IT services via VPN. Among other consequences, this means you will need to use multi-factor authentication for remote access to files stored in Argos.
Starting on 15 April 2024, multi-factor authentication will be required for using Uppsala University’s VPN program Cisco Secure Client. The introduction of multi-factor authentication for VPN is another step in raising the level of security for the University’s IT systems.
Multi-factor authentication means that users have to use at least two different credentials to log in. Multi-factor authentication reduces the risk of your account being hacked by requiring an additional verification of your identity over and above username and password.
VPN is like a tunnel
VPN stands for ‘virtual private network’ and is a function that encrypts internet traffic and protects your identity on the internet. In practice, a ‘tunnel’ is created on the internet, in which traffic between the University and your computer has extra protection. A service that requires VPN makes it more difficult for unauthorised individuals to gain access to the system.
However, the protection provided by a VPN is only as effective as the password you use to activate the service. Consequently, the University’s VPN service is just as sensitive as other systems to phishing, where fraudsters trick users into revealing important user data.
Hacked login credentials can be exploited to cause damage in the form of intrusion and information theft, blackmail or disinformation.
Cyber crime growing rapidly
According to the World Economic Forum, cyber crime is now the world’s third largest economy, after the United States and China, and it is expected to grow explosively over the next few years.
Every day, millions of attacks target the University’s IT systems. For example, around six million attempted intrusions into the University’s network are stopped every day.
Multi-factor authentication has an important role in minimising the risk of intrusions into the University’s IT network. Multi-factor authentication reduces the risk of your account being hacked by requiring an additional verification of your identity over and above username and password.
Multi-factor authentication averts most of the cyber intrusions that occur because of weak or stolen passwords.
The introduction of multi-factor authentication for VPN will further increase the security of the systems that currently require a VPN connection for remote working.
Remote working affected by new requirement
Several systems currently require a VPN connection for remote use. After the introduction of multi-factor authentication for VPN, you will need to have activated multi-factor authentication in order to use these systems and services.
One of the services affected by the change is the administration of (and certain access to) files in home and group directories in Argos. For example, when working remotely, you have to use VPN to access the network-based home directory on your computer.
Consequently, starting on 15 April, you will have to use multi-factor authentication to connect your computer to the VPN before you can connect your home or group directory on Argos to the network.
However, you will still be able to access your files in the home directory remotely without VPN via myfiles.uu.se.
Some of the other systems that currently require VPN for remote working and that are affected by this change include:
- the printing system eduPrint
- the financial management system Raindance
- the system for digital screen publishing (Diskus)
- the web publishing system Infoglue (Sitevision is not affected at present)
- the salary and human resources administration system Primula client (Primula web for employees is not affected at present)
- the GLIS management information system
- the W3D3 registration system
- Vesta for research data storage and processing
- the rehab system Adato
Anders Berndt
Activate multi-factor authentication
Activate multi-factor authentication, information on the intranet
Get help via informal Zoom workshops in April
If you need help getting started with multi-factor authentication, informal Zoom workshops are scheduled in April. You will find them in the Events listings.