We are improving IT security on UiB

One of the first measures, which affects many users, is the mandatory use of multi-factor authentication on several important IT services for employees. (For students, it is currently voluntary to use a multi-factor authentication, but we strongly recommend it.)

Multi-factor authentication means that you are much better protected against identity theft and data loss. With multi-factor authentication in addition to submitting your personal password, you verify the login with your mobile phone.

The vast majority of employees have already started using multi-factor authentication, but there are still around a thousand users who have not activated it. These have been contacted by e-mail.

From 29/9. you must use multi-factor authentication to be able to use VPN (see below). On Monday 11 October, UiB user accounts for employees that have not activated multi-factor authentication will be closed.

• If you are unsure whether two-factor login is enabled for yout UiB user account, you can check this at aka.ms/mfasetup
• If you need to change or delete the control method for your multi-factor authentication, you may do so on https://mfa.app.uib.no/
• Read more about how to activate and use multi-factor authentication in your account.

From 4 October, it will be easier to log in to all Feide services. Instead of choosing the login method and possibly writing your username and password manually, you can now just click on Use work or school account to log in to Feide services.

This is a necessary measure to ensure that our services are protected with a two-factor login.

The login image will then look like this:

Photo:

Uninett

More information:

• Service announcement: Change in Feide logon

The login window on My UiB has been updated. The fields where you used to enter your username and password have been removed. Instead, you now select the Log on with UiB account button. If you are already logged in with your UiB account, you do not have to enter your username and password again.

You can also use Feide login or log in with an external user account.

Photo:

IT-avd.

Another important security measure is to control traffic from the internet to UiB's data network. Previously, the connection has been open to all traffic with the exception of what is explicitly closed. Now it's the other way around: closed to anything other than the traffic we have explicitly opened up to.

We will introduce this change after working hours on Thursday 7 October.

This can affect server services both centrally and at departments/faculties. Those responsible for such services should read the service announcement and, if necessary, register the services that need an exception.

More information:

• Service announcement: Increased security on UiB's data networks - new measures from 7 Oct.
• På Høyden article 29/9: "Ny brannmur gjør UiB-nettverket tryggere" (in Norwegian only)

VPN (Virtual Private Network) allows you to "log in to the web" when you are outside the campus (working at home, traveling, etc.) so that you can use IT resources as if you were connected to the computer network on the campus. (See also information in the fact box.)

As of 29 Sep. you need to use multi-fator authentication (see above) to user VPN.

As we strengthen the security of UiB's computer network, we must to a greater extent use VPN to access IT services from outside. This provides security for services that can not be protected with local multi-factor authentication or other measures. We can then ensure that the services are only available to those who have already logged in to VPN, where multi-factor authentication must be used.

More information:

• Service announcement: Increased security on UiB's data networks - new measures from 7 Oct.
• Service announcement: Servers protected by firewall as of 20. Oct.