%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R /F4 11 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20250719194042+00'00') /ModDate (D:20250719194042+00'00') /Title (Report 07-2025) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Annots [ 12 0 R 14 0 R 16 0 R 18 0 R 20 0 R ] /Contents 7 0 R >> endobj 7 0 obj << /Length 10901 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 169.049 521.469 577.685 re f 0.773 0.773 0.773 RG 0.75 w 0 J [ ] 0 d 45.641 169.424 520.719 576.935 re S 0.773 0.773 0.773 rg 61.016 184.799 m 550.984 184.799 l 550.984 185.549 l 61.016 185.549 l f 0.200 0.200 0.200 rg BT 61.016 693.716 Td /F1 14.4 Tf [(STEP UP TO STRONGER PASSWORDS)] TJ ET 0.400 0.400 0.400 rg BT 61.016 664.909 Td /F2 9.0 Tf [(Posted on )] TJ ET BT 104.045 664.909 Td /F3 9.0 Tf [(May 10,2021)] TJ ET BT 156.578 664.909 Td /F2 9.0 Tf [( by )] TJ ET BT 171.086 664.909 Td /F3 9.0 Tf [(IT Communications)] TJ ET 0.153 0.153 0.153 rg BT 61.016 637.420 Td /F1 9.0 Tf [(Weak and reused passwords continue to be a common entry point for account or identity takeover and network )] TJ ET BT 61.016 626.431 Td /F1 9.0 Tf [(intrusions. Simple steps and tools exist to help you achieve unique, strong passwords for your accounts.)] TJ ET BT 61.016 606.442 Td /F4 9.0 Tf [( A password is often all that stands between you and sensitive data. It’s also often all that stands between a cyber criminal )] TJ ET BT 61.016 595.453 Td /F4 9.0 Tf [(and your account. Below are tips to help you create stronger passwords, manage them more easily, and take one further )] TJ ET BT 61.016 584.464 Td /F4 9.0 Tf [(step to protect against account theft.)] TJ ET 0.153 0.153 0.153 RG 85.866 567.291 m 85.866 567.703 85.696 568.113 85.404 568.405 c 85.113 568.696 84.703 568.866 84.291 568.866 c 83.878 568.866 83.469 568.696 83.177 568.405 c 82.885 568.113 82.716 567.703 82.716 567.291 c 82.716 566.879 82.885 566.469 83.177 566.177 c 83.469 565.886 83.878 565.716 84.291 565.716 c 84.703 565.716 85.113 565.886 85.404 566.177 c 85.696 566.469 85.866 566.879 85.866 567.291 c f BT 91.016 564.475 Td /F1 9.0 Tf [(Always:)] TJ ET BT 125.027 564.475 Td /F4 9.0 Tf [( Use a unique password for each account so )] TJ ET BT 305.117 564.475 Td /F2 9.0 Tf [(one)] TJ ET BT 320.129 564.475 Td /F4 9.0 Tf [( compromised password does not put )] TJ ET BT 472.193 564.475 Td /F2 9.0 Tf [(all)] TJ ET BT 481.193 564.475 Td /F4 9.0 Tf [( of your )] TJ ET BT 91.016 553.486 Td /F4 9.0 Tf [(accounts at risk of takeover.)] TJ ET 85.866 545.313 m 85.866 545.725 85.696 546.135 85.404 546.427 c 85.113 546.718 84.703 546.888 84.291 546.888 c 83.878 546.888 83.469 546.718 83.177 546.427 c 82.885 546.135 82.716 545.725 82.716 545.313 c 82.716 544.901 82.885 544.491 83.177 544.199 c 83.469 543.908 83.878 543.738 84.291 543.738 c 84.703 543.738 85.113 543.908 85.404 544.199 c 85.696 544.491 85.866 544.901 85.866 545.313 c f BT 91.016 542.497 Td /F1 9.0 Tf [(Good:)] TJ ET BT 117.512 542.497 Td /F4 9.0 Tf [( A good password is 10 or more characters in length, with a combination of uppercase and lowercase )] TJ ET BT 91.016 531.508 Td /F4 9.0 Tf [(letters, plus numbers and/or symbols — such as )] TJ ET BT 285.587 531.508 Td /F2 9.0 Tf [(pAMPh$3let)] TJ ET BT 334.610 531.508 Td /F4 9.0 Tf [(. Complex passwords can be challenging to )] TJ ET BT 91.016 520.519 Td /F4 9.0 Tf [(remember for even one site, let alone using multiple passwords for multiple sites; strong passwords are also )] TJ ET BT 91.016 509.530 Td /F4 9.0 Tf [(difficult to type on a smartphone keyboard \(for an easy password management option, see “best” below\).)] TJ ET 85.866 501.357 m 85.866 501.769 85.696 502.179 85.404 502.471 c 85.113 502.762 84.703 502.932 84.291 502.932 c 83.878 502.932 83.469 502.762 83.177 502.471 c 82.885 502.179 82.716 501.769 82.716 501.357 c 82.716 500.945 82.885 500.535 83.177 500.243 c 83.469 499.952 83.878 499.782 84.291 499.782 c 84.703 499.782 85.113 499.952 85.404 500.243 c 85.696 500.535 85.866 500.945 85.866 501.357 c f BT 91.016 498.541 Td /F1 9.0 Tf [(Better:)] TJ ET BT 120.014 498.541 Td /F4 9.0 Tf [( A passphrase uses a combination of words to achieve a length of 20 or more characters. That additional )] TJ ET BT 91.016 487.552 Td /F4 9.0 Tf [(length makes it's exponentially harder for hackers to crack, yet a passphrase is easier for you to remember and )] TJ ET BT 91.016 476.563 Td /F4 9.0 Tf [(more natural to type. To create a passphrase, generate four or more random words from a dictionary, mix in )] TJ ET BT 91.016 465.574 Td /F4 9.0 Tf [(uppercase letters, and add a number or symbol to make it even stronger — such as )] TJ ET BT 91.016 454.585 Td /F4 9.0 Tf [(rubbishconsiderGREENSwim$3. You’ll still find it challenging to remember multiple passphrases, though, so read )] TJ ET BT 91.016 443.596 Td /F4 9.0 Tf [(on.)] TJ ET 85.866 435.423 m 85.866 435.835 85.696 436.245 85.404 436.537 c 85.113 436.828 84.703 436.998 84.291 436.998 c 83.878 436.998 83.469 436.828 83.177 436.537 c 82.885 436.245 82.716 435.835 82.716 435.423 c 82.716 435.011 82.885 434.601 83.177 434.309 c 83.469 434.018 83.878 433.848 84.291 433.848 c 84.703 433.848 85.113 434.018 85.404 434.309 c 85.696 434.601 85.866 435.011 85.866 435.423 c f BT 91.016 432.607 Td /F1 9.0 Tf [(Best:)] TJ ET BT 113.516 432.607 Td /F4 9.0 Tf [( The strongest passwords are created by password managers — software that generates and keeps track of )] TJ ET BT 91.016 421.618 Td /F4 9.0 Tf [(complex and unique passwords for all of your accounts. All you need to remember is one complex password or )] TJ ET BT 91.016 410.629 Td /F4 9.0 Tf [(passphrase to access your password manager. With a password manager, you can look up passwords when you )] TJ ET BT 91.016 399.640 Td /F4 9.0 Tf [(need them, copy and paste from the vault, or use functionality within the software to log you in automatically. Best )] TJ ET BT 91.016 388.651 Td /F4 9.0 Tf [(practice is to add two-step verification to your password manager account. Keep reading!)] TJ ET 85.866 380.478 m 85.866 380.890 85.696 381.300 85.404 381.592 c 85.113 381.883 84.703 382.053 84.291 382.053 c 83.878 382.053 83.469 381.883 83.177 381.592 c 82.885 381.300 82.716 380.890 82.716 380.478 c 82.716 380.066 82.885 379.656 83.177 379.364 c 83.469 379.073 83.878 378.903 84.291 378.903 c 84.703 378.903 85.113 379.073 85.404 379.364 c 85.696 379.656 85.866 380.066 85.866 380.478 c f BT 91.016 377.662 Td /F1 9.0 Tf [(Step it up!)] TJ ET BT 135.017 377.662 Td /F4 9.0 Tf [( When you use two-step verification \(a.k.a., two-factor authentication or login approval\), a stolen )] TJ ET BT 91.016 366.673 Td /F4 9.0 Tf [(password doesn’t result in a stolen account. Anytime your account is logged into from a new device, you receive )] TJ ET BT 91.016 355.684 Td /F4 9.0 Tf [(an authorization check on your smartphone or another registered device. Without that second piece, a password )] TJ ET BT 91.016 344.695 Td /F4 9.0 Tf [(thief can’t get into your account. It’s the single best way to protect your account from cyber criminals.)] TJ ET BT 61.016 324.706 Td /F4 9.0 Tf [(https://youtu.be/pMPhBEoVulQ)] TJ ET 0.200 0.200 0.200 rg BT 61.016 302.079 Td /F1 11.7 Tf [(RESOURCES)] TJ ET 0.153 0.153 0.153 rg 85.866 284.247 m 85.866 284.659 85.696 285.069 85.404 285.361 c 85.113 285.652 84.703 285.822 84.291 285.822 c 83.878 285.822 83.469 285.652 83.177 285.361 c 82.885 285.069 82.716 284.659 82.716 284.247 c 82.716 283.835 82.885 283.425 83.177 283.133 c 83.469 282.842 83.878 282.672 84.291 282.672 c 84.703 282.672 85.113 282.842 85.404 283.133 c 85.696 283.425 85.866 283.835 85.866 284.247 c f BT 91.016 281.431 Td /F4 9.0 Tf [(Check out )] TJ ET 0.373 0.169 0.255 rg BT 134.036 281.431 Td /F4 9.0 Tf [(http://twofactorauth.org)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 134.036 280.280 m 226.088 280.280 l S 0.153 0.153 0.153 rg BT 226.088 281.431 Td /F4 9.0 Tf [( to see a list of services that offer two-step verification.)] TJ ET 0.153 0.153 0.153 RG 85.866 273.258 m 85.866 273.670 85.696 274.080 85.404 274.372 c 85.113 274.663 84.703 274.833 84.291 274.833 c 83.878 274.833 83.469 274.663 83.177 274.372 c 82.885 274.080 82.716 273.670 82.716 273.258 c 82.716 272.846 82.885 272.436 83.177 272.144 c 83.469 271.853 83.878 271.683 84.291 271.683 c 84.703 271.683 85.113 271.853 85.404 272.144 c 85.696 272.436 85.866 272.846 85.866 273.258 c f BT 91.016 270.442 Td /F4 9.0 Tf [(Learn more about )] TJ ET 0.373 0.169 0.255 rg BT 164.555 270.442 Td /F4 9.0 Tf [(passwords and securing your accounts)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 164.555 269.291 m 320.120 269.291 l S 0.153 0.153 0.153 rg BT 320.120 270.442 Td /F4 9.0 Tf [( from the National Cyber Security Alliance.)] TJ ET 0.153 0.153 0.153 RG 85.866 262.269 m 85.866 262.681 85.696 263.091 85.404 263.383 c 85.113 263.674 84.703 263.844 84.291 263.844 c 83.878 263.844 83.469 263.674 83.177 263.383 c 82.885 263.091 82.716 262.681 82.716 262.269 c 82.716 261.857 82.885 261.447 83.177 261.155 c 83.469 260.864 83.878 260.694 84.291 260.694 c 84.703 260.694 85.113 260.864 85.404 261.155 c 85.696 261.447 85.866 261.857 85.866 262.269 c f BT 91.016 259.453 Td /F4 9.0 Tf [(Consider whether a )] TJ ET 0.373 0.169 0.255 rg BT 171.548 259.453 Td /F4 9.0 Tf [(password manager)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 171.548 258.302 m 248.075 258.302 l S 0.153 0.153 0.153 rg BT 248.075 259.453 Td /F4 9.0 Tf [( is the right choice for you.)] TJ ET 0.153 0.153 0.153 RG 85.866 251.280 m 85.866 251.692 85.696 252.102 85.404 252.394 c 85.113 252.685 84.703 252.855 84.291 252.855 c 83.878 252.855 83.469 252.685 83.177 252.394 c 82.885 252.102 82.716 251.692 82.716 251.280 c 82.716 250.868 82.885 250.458 83.177 250.166 c 83.469 249.875 83.878 249.705 84.291 249.705 c 84.703 249.705 85.113 249.875 85.404 250.166 c 85.696 250.458 85.866 250.868 85.866 251.280 c f BT 91.016 248.464 Td /F4 9.0 Tf [(Explore )] TJ ET 0.373 0.169 0.255 rg BT 124.028 248.464 Td /F4 9.0 Tf [(Five Ways to Upgrade your Password this Password Day)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 124.028 247.313 m 352.097 247.313 l S 0.153 0.153 0.153 rg BT 352.097 248.464 Td /F4 9.0 Tf [(, which is observed in May each year.)] TJ ET 0.153 0.153 0.153 RG 85.866 240.291 m 85.866 240.703 85.696 241.113 85.404 241.405 c 85.113 241.696 84.703 241.866 84.291 241.866 c 83.878 241.866 83.469 241.696 83.177 241.405 c 82.885 241.113 82.716 240.703 82.716 240.291 c 82.716 239.879 82.885 239.469 83.177 239.177 c 83.469 238.886 83.878 238.716 84.291 238.716 c 84.703 238.716 85.113 238.886 85.404 239.177 c 85.696 239.469 85.866 239.879 85.866 240.291 c f BT 91.016 237.475 Td /F4 9.0 Tf [(Find more videos and a quiz at )] TJ ET 0.373 0.169 0.255 rg BT 216.575 237.475 Td /F4 9.0 Tf [(http://passwordday.org)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 216.575 236.324 m 307.619 236.324 l S 0.153 0.153 0.153 rg BT 307.619 237.475 Td /F4 9.0 Tf [(.)] TJ ET BT 61.016 217.486 Td /F4 9.0 Tf [( )] TJ ET 0.400 0.400 0.400 rg BT 61.016 198.997 Td /F2 9.0 Tf [(Posted in:E-mail,Security | Tagged:Password,Security | With 0 comments)] TJ ET endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-BoldOblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Font /Subtype /Type1 /Name /F4 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 12 0 obj << /Type /Annot /Subtype /Link /A 13 0 R /Border [0 0 0] /H /I /Rect [ 134.0357 280.5985 226.0877 289.7560 ] >> endobj 13 0 obj << /Type /Action /S /URI /URI (http://twofactorauth.org/) >> endobj 14 0 obj << /Type /Annot /Subtype /Link /A 15 0 R /Border [0 0 0] /H /I /Rect [ 164.5547 269.6095 320.1197 278.7670 ] >> endobj 15 0 obj << /Type /Action /S /URI /URI (http://staysafeonline.org/stay-safe-online/protect-your-personal-information/passwords-and-securing-your-accounts) >> endobj 16 0 obj << /Type /Annot /Subtype /Link /A 17 0 R /Border [0 0 0] /H /I /Rect [ 171.5477 258.6205 248.0747 267.7780 ] >> endobj 17 0 obj << /Type /Action /S /URI /URI (http://library.educause.edu/resources/2015/7/password-managers) >> endobj 18 0 obj << /Type /Annot /Subtype /Link /A 19 0 R /Border [0 0 0] /H /I /Rect [ 124.0277 247.6315 352.0967 256.7890 ] >> endobj 19 0 obj << /Type /Action /S /URI /URI (http://nakedsecurity.sophos.com/2016/05/05/dont-do-it-5-ways-to-upgrade-your-passwords-this-passwordday/) >> endobj 20 0 obj << /Type /Annot /Subtype /Link /A 21 0 R /Border [0 0 0] /H /I /Rect [ 216.5747 236.6425 307.6187 245.8000 ] >> endobj 21 0 obj << /Type /Action /S /URI /URI (http://passwordday.org/) >> endobj xref 0 22 0000000000 65535 f 0000000008 00000 n 0000000073 00000 n 0000000119 00000 n 0000000305 00000 n 0000000334 00000 n 0000000472 00000 n 0000000582 00000 n 0000011536 00000 n 0000011648 00000 n 0000011763 00000 n 0000011883 00000 n 0000011991 00000 n 0000012119 00000 n 0000012196 00000 n 0000012324 00000 n 0000012489 00000 n 0000012617 00000 n 0000012731 00000 n 0000012859 00000 n 0000013015 00000 n 0000013143 00000 n trailer << /Size 22 /Root 1 0 R /Info 5 0 R >> startxref 13218 %%EOF Security « Informasietegnologie
Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

Security

« Older Entries
Newer Entries »

Data Privacy day

Saturday, January 30th, 2021

In South Africa, we’re a bit late to the Data Privacy Day party. In Europe, it’s been around since 2007, while The United States joined in 2009. 

Data Privacy Day (known in Europe as Data Protection Day) is an international holiday that occurs every 28 January. The purpose of Data Privacy Day is to raise awareness and promote privacy and data protection best practices. 

Even though data Privacy Day has been around for more than ten years, awareness around the protection of data is becoming a critical issue. The reason is twofold. Firstly, data breach incidents across the world are occurring on a more regular basis and it’s happening to large companies who should have strict measures in place to protect their users’ data. Which brings us to the second reason – the implementation of GDPR and POPI. Before both these data laws, there was little to enforce companies to protect users’ data. The GDPR and POPI acts changed this. Now companies are held accountable and can be heavily fined for compromising their clients’ personal information.

Why is data so important, though? According to Mark Barrenechea, CEO at OpenText, “[e]very day we are building, brick by brick and bit by bit, a digital copy of ourselves, whether we are aware of it or not.” A bigger digital footprint makes it easier to find information about you, whether it’s personal information such as usernames and passwords, your physical location or your interests or hobbies. Algorithms can track your actions and anticipate your behaviour. Every little piece of information adds up to a bigger picture and can be used to your disadvantage. 

Sharing data is easy, which makes it critical that you take responsibility for protecting your own information. We can no longer depend on companies or social networks to keep our digital identities safe. This we’ve clearly seen over the past few year with multiple data breaches – many including large companies such as Facebook and Google. 

Data Privacy is just one day in the year to make data owners (that’s anyone using a digital platform!) aware of the importance of protecting data. However, we should be aware of the risks every day. How can you protect your data?  www.digitalguardian has an extensive guide, but here are 10 basic tips:

  1. Use encrypted networks when you’re accessing important information. Even though open and free Wi-Fi is tempting, it comes at a high risk. If you’re browsing websites not using https, know that whatever you do can be seen by someone else.
  2. Choose strong passwords. Don’t know how? Here are some tips. The general trend is using two-factor authentication. Better even, use a password manager as it’s the most secure solution.
  3. Protect your passwords. Don’t write them down. Don’t share them. And most importantly, don’t use the same password for all your social networks or websites. 
  4. Update your software when it prompts you to. Don’t ignore it because you don’t have time – it might be an important security update which will prevent that you are at risk.
  5. Update your antivirus software regularly. New versions of viruses, malware, etc. are released regularly to explore weaknesses. If you don’t update, you’ll be an easy target. Also, consider an anti-virus for your mobile devices – they are even more vulnerable.
  6. Check and configure privacy settings on your phone. Consider carefully which apps you give access to use certain services on your phone, for example the camera function.
  7. Lock your smartphone and tablet devices when you are not using them. Mobile devices are used to access social media, banking services and various other apps containing personal information.
  8. Enable remote location and device-wiping. If your mobile device is stolen, no-one will be able to access your information.
  9. Delete your data from old devices, for example, smartphones, before you sell, discard or pass them onto someone else. 
  10. Back up your data on a daily basis. If your device is infected with malware or stolen, you’ll still have your data. 

[SOURCES: https://www.forbes.com; https://www.techradar.com]

Email

Tags: , ,
Posted in Academic IT, Security | Comments Off on Data Privacy day

Phishing alert: Zoom invite

Thursday, November 5th, 2020

Please be on the lookout for a new tactic that phishing scammers are employing to get your personal details, passwords and to gain access to your university account.

These scammers are using “Zoom” video conference invitations to fool their intended victims and steal passwords and other personal details.

 

Above is one such example. Take note of the highlighted the warning signs that reveal the scam. This particular scam is “custom” programmed for specific university e-mail addresses and might target your address, as the e-mail addresses are embedded into the phishing web page and the e-mail itself.

If you do get such an e-mail please report it to IT Cyber Security as soon as possible on the ICT Partner Portal.

If you have accidentally responded to the phisher and already provided them with your personal details, it is vitally important that you immediately change your password. Make sure the new password is completely different, and is a strong password that will not be easily guessed, as well as changing the passwords on your social media and private e-mail accounts, especially if you use the same passwords on these accounts.

After changing your password, also log a request on the ICT Partner Portal in order for your devices to be checked for malicious software. 

[ARTICLE BY DAVID WILES]

Email

Tags:
Posted in News, phishing, Security | Comments Off on Phishing alert: Zoom invite

Safelinks protecting you against phishing

Thursday, October 8th, 2020

 In January 2020 Information Technology activated a preventative security tool called Safe Links to protect all staff and students from email phishing attempts.

You might have noticed that some of the links in your emails suddenly started displaying a very long link which starts with https://eur03.safelinks.protection.outlook.com/ followed by the rest of the web link. This is an extra obstacle built in to our Microsoft security features which checks if a site has been listed as dangerous and prevents you from clicking on it. If you do click on it, you will see the following warning:

Definition of Safe Links

“Safe Links is a feature in Office 365 Advanced Threat Protection that provides URL scanning and rewriting of inbound email messages in mail flow, and time-of-click verification of URLs and links in email messages and other locations. Safe Links scanning occurs in addition to the regular anti-spam and anti-malware protection in inbound email messages in Exchange Online Protection (EOP). Safe Links scanning can help protect your organisation from malicious links that are used in phishing and other attacks.”  

With this added feature we eliminated some of the risk facing staff and students when it comes to phishing and other security attacks from hackers. However, this does not mean you shouldn’t still be vigilant when you open an email.

Familiarise yourself with the basic tell-tale signs of a phishing email. Think before you click on a link or open an attachment. Information Technology can only protect you up to a point, the rest is your responsibility – this is especially true in these times when you work from home.

 

 

Email

Posted in News, Notices, Security | Comments Off on Safelinks protecting you against phishing

Reminder to enrol for MFA

Tuesday, September 8th, 2020

Last month we told you about the planned implementation of MFA (Multi-factor Authentication). Thank you to the 28 671 staff and students who have already enrolled to use MFA.

If you are still unsure what MFA entails, here is some information

Although we have not activated MFA yet, soon all staff and students will be required to use multi factor authentication when using any of the Microsoft 365 applications (Outlook, Sharepoint Online, OneDrive for Business, etc.) to protect their information university’s network. If you haven’t enrolled yet, we strongly advise you do so as soon possible by following these steps.

If you have any questions first consult our FAQs and if this does not answer your question, please log your request on our ICT Partner Portal and a technician will contact you. If you have any questions you would like to add to our FAQs, you’re welcome to send an email to help@sun.ac.za and we’ll add them to the list.

Email

Posted in General, Notices, Security | Comments Off on Reminder to enrol for MFA

Multi-factor authentication (MFA) FAQs

Thursday, August 6th, 2020

Information Technology recently enabled MFA for our staff and students. Soon all staff and students will be required to use multi factor authentication to secure their information and the university’s network. 

FREQUENTLY ASKED QUESTIONS 

What is MFA?  

Multi-Factor Authentication adds a second layer of security to your account to ensure that your account stays safe, even if someone else knows your password. This will mean that, for certain services, including Microsoft Outlook, Teams, etc. you will be prompted to provide more information in order to authenticate your identity as a Stellenbosch University student or staff member. More about MFA here. 

Why is it so important that I enrol for MFA?  

By enrolling for MFA, you ensure that your account is more secure.  You are protecting your own data (including your HR, payment details, etc.), your colleagues and the university.

How do I enrol for MFA? 

By following the steps set out in the .pdf document. 

What must I do if the document does not open? 

If the document does not open, it could be due to a slow internet connection or you do not have a PDF reader (e.g. Adobe Acrobat) installed. Please also clear your browser history or try to open the link in a different browser.  

How can a PDF reader be installed? 

Please raise a request on the ICT Partner Portal that is available at https://servicedesk.sun.ac.za  

What can I do if I have problems to enrol for MFA? 

If you are struggling to enrol for MFA, please log a request on the ICT Partner Portal and a technician will contact you.  

When do I have to enrol for MFA? 

Please enrol for MFA as soon as possible. It is critical that all our staff and students use two-factor authentication. 

How will I know that I have successfully enrolled for MFA? 

A confirmation message will be displayed on the last screen of the enrolment process. 
You are now enrolled for Multi Factor Authentication.

What must I do if I don’t see the  screens as indicated on the enrolment document? 

Raise a request on the ICT Partner Portal at https://servicedesk.sun.ac.za  

Will I be charged for the MFA authentication SMS’s? 

No, the SMS’s are at the cost of the University. 

Can I enrol for MFA if I stay in an area without cell phone signal? 

No, you need a cellphone with reception to enrol for MFA.

Which IT services will be activated for MFA? 

For the first phase all Microsoft365 (Outlook, Sharepoint Online, OneDrive for Business, etc.) applications will require MFA authentication. 

What will happen if a service is activated for MFA? 

Before you can access the service you will be requested to enter the one-time pin number that will be sent to the cell phone number that you have indicated during the enrolment process. Or if you chose to use the Authenticator App a message will be sent to your phone via the app which request that you approve and in some cases it might also ask for a scan of your thumbprint. 

Email

Posted in Security | Comments Off on Multi-factor authentication (MFA) FAQs

« Older Entries
Newer Entries »
 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.