[Campus Notice] MFA will be implemented on this UCR email account on Feb. 7, 2025

[UCR Information Technology Solutions]

[image: image]
Notice: MFA will be required on this UCR email account as of February 7,
2025.

   -

   Beginning February 7, 2025, multi-factor authentication (MFA) will be
   required on this shared email account. Once implemented, the first
   individual who attempts to log into the account will be prompted to
   configure MFA to authenticate future account logins. Note that the account
   will be inaccessible until MFA is configured.
   -

   If you would like to configure MFA ahead of this change to avoid work
   disruptions, please take one of the two proactive steps below.

Dear Highlander,

You are receiving this notification because multi-factor authentication
(MFA) will be required on your UC Riverside shared/ORG email account
starting on February 7, 2025. This action is a direct response to the UC
Cybersecurity Mandate <https://its.ucr.edu/cybersecurity-mandate-2025>,
which requires UCR to further secure its email resources by implementing
MFA on all campus and health email systems.
What Is Changing?

When you log into the account after MFA is implemented on February 7, 2025,
you will be prompted to enroll in MFA through UCR’s provider, Duo. You must
complete the enrollment process in order to access the account.

Important: If more than one person accesses this account, please note that
each individual must have a personal device connected to the account in
order to authenticate their login, unless you request to change the account
to a delegated email account.

If you need assistance with the MFA enrollment process, please call
BearHelp support at (951) 827-4848 (Monday to Friday, from 8:00 am to 5:00
pm). If you use your shared email account to log into any other services
(e.g., Zoom), please note that you will be required to authenticate via MFA
after the change.
Optional: Proactively Secure Your Shared Email Account

No action is required ahead of the scheduled MFA implementation. However,
account owners who would like to secure their shared email account ahead of
time can take either one of the recommended actions below:


   -

   Option One: Turn your shared email account into a delegated email
   account. Instead of a singular email account that has one set of
   password credentials shared among team members, a delegated email account
   allows the owner to delegate access to specific team members. This way,
   each team member can use their own individual credentials to access the
   mailbox.
   -

      Considerations: The benefit of this option is that the team will not
      need to register multiple devices with the account to ensure continued
      access. The disadvantage of this option is that it will not work if your
      team uses the account to log into MFA-protected services like Zoom or
      Google Drive.
      -

      To select this option, fill out the request form
      <https://ucrsupport.service-now.com/ucr_portal?id=sc_cat_item&sys_id=b98274261bfe6810609f86e9cd4bcbfd>.
      Under “type of request,” select either Office 365 or R’Mail, depending on
      the email platform you are currently using. Please note in the
description
      that this is to bring the account into MFA compliance.



   -

   Option Two: Set up MFA for your shared email account prior to February
   7, 2025. With this option, you do not need to wait for the change to
   take place.
   -

      Considerations: This option should be selected by teams that require
      the ability to use the shared email account to log into MFA-protected
      services like Zoom or Google Drive (rather than using their
individual UCR
      accounts). The disadvantage of this option is that every person who needs
      to access this account must register a device with the account
or else they
      will have no means of authenticating.
      -

      To select this option, the account owner must submit a ticket
      <https://its.ucr.edu/help> to request MFA be set up for their shared
      email account in advance of the change. After MFA is enabled, each team
      member who accesses the account must register a device.


If your shared email account is already enrolled in MFA, please disregard
this message.

We appreciate your partnership as UCR strengthens its information security.
Implementing robust MFA on all accounts is one of the key steps in UCR’s
security plan to meet the new UC-wide cybersecurity requirements. To learn
more about these requirements and the role you play in helping us better
protect our campus, please visit the UC Cybersecurity Mandate 2025 webpage
<https://its.ucr.edu/cybersecurity-mandate-2025>.

Sincerely,

Dewight F. Kramer

Chief Information Security Officer

Sureyya Tuncel

Identity and Access Management Manager



This email account is not monitored by ITS staff. If you require technical
support, please take one of the following actions:

   -

   Visit the ITS website at its.ucr.edu to find self-help articles, submit
   and track support tickets, request IT services, and more.
   -

   For live support, you can contact the BearHelp helpdesk at 951-827-4848
   from Monday to Friday, 8:00am to 5:00pm.
   -

   If you suspect you received a phishing email, please report it using
   PhishAlarm <https://its.ucr.edu/phishalarm>.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ucr.edu/pipermail/tech-bulletin/attachments/20250131/3580e4bb/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image
Type: image/png
Size: 40409 bytes
Desc: not available
URL: <https://lists.ucr.edu/pipermail/tech-bulletin/attachments/20250131/3580e4bb/attachment-0001.png>