Be cautious when using your university credentials. Never approve a request from Duo for multi-factor authentication (MFA) into university resources unless you requested access.
Phishing Alert MessageThird party vendor applications and cloud services can present significant risk to the University. To mitigate the risk, the Risk and Compliance (RAC) team reviews the security of vendor organizations for server applications facing the internet, or services provided by a vendor that will have access to university confidential, or highly confidential data (including HIPAA, FERPA, and PCI data). This process is essential in minimizing legal issues during the negotiation of the IT Security language during the contract process.
Timeline: 4-8 weeks. Timelines are dependent on the responsiveness of the requestor, vendor, and the complexity of the agreement.
Risk and Compliance Process:
Other university teams you may need to engage during this process:
University Data Classification
University Adverse Impact Level