In Fall 2019 Saddleback College, Irvine Valley College and District Services implemented the use of two-factor authentication for employees accessing their work Outlook accounts off-campus.
Frequently Asked Questions (FAQ)
Two-factor authentication uses two pieces of information to verify identity.
An example of two-factor authentication is a bank ATM PIN number used in addition to a bank ATM card. Both the PIN number (something known) and the bank ATM card (something possessed) are needed to verify identity.
Due to a criminal investigation at one of the colleges and an audit in response to a report by the U.S. Department of Education, the South Orange County Community College District’s attorneys engaged a firm to conduct a district-wide external security audit. Audit findings required that two-factor authentication be configured for remote access to web-based email. Additionally, since passwords are routinely compromised via malicious emails, websites, and software, the need for two-factor authentication becomes more critical.
DUO is the industry’s leading two-factor authentication system, used by UCs, CSUs, private universities and community colleges throughout California. DUO provides three standard methods of two-factor authentication:
- Authentication via DUO application on a smartphone or tablet
- One-time SMS text message
- Voice call
For rare cases where the above options are not feasible, a hardware-based token is an option. This token would allow employees to complete the two-factor authentication without the use of their personal devices. District Services and the colleges are working together to support employees who may need a hardware token.
If you use either (a) a mobile device or (b) the Outlook app on your device to access email from off campus, then two-factor authentication is not necessary. However, as of Fall 2019, if you use a web browser to access email from off campus, that connection will require two-factor authentication.
If you have accessed Workday from off campus, you have already experienced two-factor authentication. To reduce the need to re-authenticate, when logging in there is an option to have DUO “trust” your computer for 12 hours.
Two-factor authentication is only necessary if you are (a) accessing email from off campus and (b) using a web browser. Note that email can be accessed in several ways without having to use two-factor authentication:
- Web email from on campus
- Smartphone or mobile client (e.g. tablet)
- Outlook app (included in Microsoft Office)
To troubleshoot software issues pertaining to two-factor authentication, college employees should place a work order through their technology services Services departments.
There is a quick link on the district website titled, SSO Portal, for the single sign-on portal. This portal is where the web email app is located. Click on Quick Links, then SSO Portal and follow the same two-factor authentication process as you do for remote access to Workday. Once authenticated you will be able to access the Outlook Web App.
This portal also provides access to other applications such as Workday without additional authentication. Gradually new apps will be added. You can bookmark https://apps.socccd.edu to quickly access the single sign-on portal.