Differences

This shows you the differences between two versions of the page.

--- abstract:caviness:security-changes-2025 [2025-10-20 14:06] – anita
+++ abstract:caviness:security-changes-2025 [2025-10-20 16:32] (current) – [2025-2026 Caviness Security Change] anita
@@ Line 4: / Line 4: @@
   * Caviness will be moved into a different [[abstract:caviness:security-changes-2025#network-changes|network]] to isolate it from other campus computing systems
-  * Augment SSH username/password authentication with multi-factor authentication ([[abstract:caviness:security-changes-2025#mfa|MFA]])
+  * Augment SSH username/password authentication with [[abstract:caviness:security-changes-2025#mfa|multi-factor authentication]](MFA)
   * [[abstract:caviness:security-changes-2025#hpc-passwords|HPC accounts]] for UD users will no longer synchronize with UDelNet passwords
@@ Line 14: / Line 14: @@
-IT RCI staff thank the community for their understanding as we work to better-secure the clusters and protect their access and their research computing resources.
+IT-RCI staff thank the community for their understanding as we work to better-secure the clusters and protect their access and their research computing resources.
 ==== Network changes ====
@@ Line 26: / Line 26: @@
 The ScienceDMZ firewall policy **WILL BLOCK ACCESS TO ON-CAMPUS SYSTEMS** like license servers and other clusters — effectively any UD system a user connects to **FROM** Caviness.  IT RCI and Security have been working to capture a list of such systems, but Caviness community members **SHOULD TAKE TIME TO IDENTIFY ANY UD SYSTEMS THEY ACCESS FROM** Caviness and contact IT RCI.  Exceptions to the "block-all" policy will have to be negotiated with IT Security on a case by case basis by IT RCI and affected parties.  All such exceptions are audited annually by IT Security and will be subject to review for renewal.
-==== MFA ====
+==== Multi-Factor Authentication ====
 One security control widely-used today is multi-factor authentication (MFA).  A username and password are still employed, but additional credentials are required to successfully authenticate.  For Caviness, the additional credential is slated to include either of the following:
@@ Line 34: / Line 34: @@
 **OR**
-  * Solicitation of a second passcode (e.g. six-digit code, push notification)
+  * Solicitation of a second passcode (e.g. a push notification)
-IT RCI is exploring options with respect to the second passcode and will provide the community further updates when a solution is chosen and a date for its implementation is planned.
+IT-RCI is exploring MFA options and will provide the community further updates when a solution is chosen and a date for its implementation is planned.
 ==== HPC passwords ====
@@ Line 46: / Line 46: @@
   * UDelNet passwords will **NO LONGER BE SYNCHRONIZED** with HPC accounts; a user's HPC account password will be distinct
-IT RCI will provide a web portal for HPC users to reset the HPC password.  Users will be asked to NOT reuse their UDelNet password as their HPC password.
+IT-RCI will provide a web portal for HPC users to reset the HPC password.  Users will be asked to NOT reuse their UDelNet password as their HPC password.