Multi-factor authentication is now in use within the whole university
Multi-factor authentication is now in use within the whole Uniarts Helsinki community, among both staff and students! Staff members began using multi-factor authentication already at the end of 2022 and in 2023, while students were required to start using it starting from 1 April 2024. The project was carried out in phases among the various student and personnel groups at Uniarts Helsinki, which made it possible to introduce the set-up phase in a controlled manner in groups of convenient size so that Uniarts Helsinki’s Digital Services were able to ensure the technical functionality at all times.
Everything went smoothly also when students began implementing multi-factor authentication. After multi-factor authentication became mandatory, nearly 70% of students had already taken the necessary steps during the first week, and after the second week, the percentage was already over 90%.
Thank you everyone at Uniarts Helsinki for your excellent cooperation in completing this joint project!
Why is multi-factor authentication important?
Multi-factor authentication may seem laborious at first, but its purpose is to improve information security both on the individual and the organisational level.
Below, we list a few reasons why multi-factor authentication is an important part of information security in the digital world:
- Better personal information security: Single-step authentication using just a password, for example, is very vulnerable. If somebody finds out your password, they will gain access to all of the data that you have protected with that particular password. Multi-factor authentication adds an extra protective layer, because the cybercriminal would have to get access to several identifiers to gain access to your data. With just a little extra effort, the majority of the attacks can be prevented.
- Prevention of data leaks and spreading of phishing messages: Even if your university email mostly contains only “boring school and work stuff”, it may still contain sensitive data, such as personal data or possibly even confidential documents. If an outsider gains access to your email, they may send messages to your schoolmates, university staff and third parties, too, under your name and potentially spread malware or links to phishing sites. If your account is compromised, the accounts of several other people may be compromised, as well.
- Improved information security of the whole university: In any organisation with many users, the materialisation of information security risks does not usually affect just one user. Breaching one person’s account may lead to the compromising of the information systems of the entire organisation. Malicious messages sent from even just one compromised university account spread fast and often cause a chain reaction, and stopping it and bringing the situation back to normal leads to a lot of work for both the cyberattack victims and the university staff.
- Protection of privacy: It is also important to remember that even when you have nothing to hide, privacy is still important. It is a basic right that protects us from possible misuse and helps us to preserve our personal freedom. You can view the matter this way: even if you do not have anything to hide or anything interesting at home, you would still not want someone looking through your windows at any given time. The same applies to the digital world, as well. Even if you do not do anything wrong or think that you have any interesting data in your email, for example, you have the right to keep your personal data private. You should also remember that your email pretty much always contains the contact information of other people, for example.
The use of a smartphone in various situations seems to be more and more frequent, which may seem annoying, but it does not change the fact that taking information security into consideration is an important part of the digital world. Issues of service usability and information security will always be a balancing act. Nowadays, more and more services have moved online and are dependent on digital systems, and we must take responsibility over our own information security and data protection. Multi-factor authentication is one way of carrying this responsibility for our own part.
Hopefully these above-mentioned examples help you understand why multi-factor authentication is now in use at Uniarts Helsinki, too.