Beginning June 5, 2017, multifactor authentication (MFA), also known as two-step verification, will be required to access systems on the USC network that store Personally Identifiable Information (PII). MFA will require students, faculty, and staff to take an extra step each time they login to university systems that store PII including my.sc.edu, Banner, PeopleSoft, VIP, and more.
Each year, more than 1,000 university accounts are compromised. Several of our peer universities have seen unauthorized payroll direct deposit changes and IRA tax fraud incidents due to theft of university credentials. MFA adds a layered defense to make it more difficult for someone to access sensitive data.
Beginning June 5, the university will use Duo Security for MFA. You probably have used some form of MFA with your financial institution or credit card company. As with many financial institutions, you will be required to use something you know (password) with something you have – text message, call to landline, or token. To prepare for this new requirement, please complete the enrollment process now. Instructions and frequently asked questions can be found here.
MFA is important to protect your information, as well as the information of thousands of others across the university system. It is also a new requirement of state agencies based on IT Security Requirements that were implemented following the 2012 South Carolina Department of Revenue security breach.
If you have questions, please contact the Service Desk at (803) 777-1800 or submit a self-service ticket. We are confident that these new security measures will better protect our university.