Duo Two-Step Authentication: Token Policy

1.0 Purpose
2.0 Scope
3.0 Tokens
4.0 Related Documents

1.0 Purpose

Brown University is dedicated to ensuring the privacy and proper handling of its computing resources and data. Part of this effort is the use of a “second factor” when authenticating, defeating the dangers of a compromised account, reducing risk, and increasing security. The primary purpose of this policy is to document the use of a hardware-based token as the second factor.

2.0 Scope

This policy applies to all users of computing resources owned or managed by Brown University that are protected by a second factor, and that are either required or opt-in to Two-Step Verification. Individuals covered by the policy include (but are not limited to) Brown faculty and visiting faculty, staff, students, alumni, guests or agents of the administration, external individuals and organizations accessing network services via Brown's computing facilities.

3.0 Tokens

The use of a token as a second factor for authentication is approved and supported. Brown University CIS has tokens available for those members of the community who do not have an adequate means of authenticating from expected locations, such as a cell phone.

3.1 Availability and Use: Second factor tokens for Two-Step Verification are available free of charge to any member of the Brown community who wishes to use one, on a permanent or loaner basis.

3.2 A lost token will incur a $20 replacement fee.

3.3 The token is property of Brown University and must be returned upon leaving the university.

3.4 The use of a personally owned token is acceptable, but the token must be loaded into the Brown system to be recognized. The CIS Service Center can assist with this type of request.

4.0 Related Documents

Setup and use instructions for Two-Step Verification: brown.edu/go/twostephelp

Questions or comments to: itpolicy@brown.edu

Policy Published: January 21, 2016
Effective Date: February, 2016
Next Scheduled Review: June, 2016