FROM: Monique Sendze <msendze @ mines. edu
SUBJECT: Email Policy Change Reminder
TO: faculty, classified, grad, ugrad
Dear Mines community,
In mid-August, I shared some upcoming email policy changes and security enhancements, as well as a deadline for registering for multi-factor authentication. I am writing today as a reminder of these upcoming changes and as a call to encourage your faculty and staff to sign up for Duo, our multi-factor authentication solution, as we are past the September 1 deadline we shared with you.
As mentioned previously, to protect Mines information and keep our data as secure as possible, we are updating our email policy and have instituted the use of multi-factor authentication. By making these targeted policy changes now, we can better protect personal and institutional data. I have outlined below the high-level details for these enhancements and how they might impact your work.
Email Policy Change
Our updated email policy will be presented to the Mines executive team for approval in October. This policy, when approved, will enhance our information security footprint, decreasing our risk for adverse threat events through email phishing and other attacks that leverage email systems. The policy recommendations and change to email operations, based on current best practice and other compliance requirements, are as follows:
- All email clients must use modern authentication methods in order to access email. Most email clients support modern authentication methods including Outlook, Outlook Web, Mac Mail, and Thunderbird. Email clients that do not support modern authentication methods will not be supported by CSM.
- Email clients used to access CSM email must be vendor supported with timely security patches issued. Mail clients that are no longer vendor supported are not permitted for use.
- POP (Post Office Protocol) connections are not allowed.
- IMAP (Internet Message Access Protocol) connections will be allowed until Fall 2021 and must use OAUTH for authentication. “Password” or “Basic” authentication is not supported for user mailboxes using the IMAP protocol. OAUTH is an authentication process that uses access tokens instead of allowing the application to store your password. ITS will re-assess the use of IMAP in the Fall of 2021 and will provide more information at that time regarding next steps.
- Require all official Mines business and communications use Mines email accounts. (Allowing the use of personal email accounts to conduct Mines business could result in data loss and/or FERPA violations and gaps in e-discovery and compliance requests.)
Depending on your current email configurations, these changes may impact your daily routines and work habits. If you are automatically forwarding your official Mines business emails to another email account like your personal Gmail account using mailbox inbox rules, you will no longer be able to do so.
Once this email policy is reviewed and approved, there will be a transition period from October to December, allowing anyone not currently using a compatible email client to transition by December 15, 2020.
Multi-Factor Authentication (MFA)
Multi-factor (also called 2-Factor) is the most effective technology for protecting campus information by providing strong verification of your identity and eliminating the usefulness of stolen or compromised credentials.
How it works
When authenticating over the network you are asked to verify your identity with something you have (your phone, FOB on your keyring etc.). Mines has selected the technology from the company “DUO” to provide our MFA solution. ITS has been using DUO for more than 18 months, and it has been required for all FA&O employees since January. If you are not using DUO, the deadline has passed. Please encourage your faculty and staff to get started by visiting https://mfa.mines.edu.
We understand these enhancements may impact your daily routine, and our Mines Service Center is here to support you in these changes. The Service Center can help you with email policy questions and establishing multi-factor authentication.
We have Live/Realtime help available to you from 7am-5pm M-F at extension 2345 or, you can submit a ticket with the Mines Help Center. We remain committed to serving you and your research, educational technology, and administrative needs.
OAUTH is an open standard for access delegation, commonly used as a way for Internet users to grant websites or applications access to their information on other websites but without giving them the passwords.
Monique Sendze, Ed.D.
Chief Information Officer
Information and Technology Solutions (ITS)
COLORADOSCHOOLOFMINES | mines.edu
Golden, CO 80401
303-273-3925| msendze @ mines.edu