Often referred to as two-step verification, multi-factor authentication (MFA) is a security process in which the user provides two authentication factors to verify they are who they say they are. It can be contrasted with single-factor authentication, a security process in which the user provides only one factor, which is typically a password. This our current process at Kettering Health Network. Microsoft MFA helps safeguard access to data and applications while maintaining simplicity for users. It provides additional security by requiring a second form of authentication and delivers strong authentication through a range of easy-to-use authentication methods. Even if an attacker learns a user’s password, with Microsoft MFA in place, it is useless without also having possession of additional authentication methods. Microsoft MFA works by requiring two or more of the following methods:

• Something you know (typically a password)
• Something you have (a trusted device that is not easily duplicated, like a phone)
• Something you are (biometrics)

Why is Multi-factor Authentication necessary? As the sophistication of phishing attacks, malware, and social engineering increase, many companies have implemented and require the use of stronger login identification methods beyond the standard user ID and password credentials. Most high-profile security breaches exploit system credentials of end users to gain access to a company’s network, leading organizations to focus on better security for end-user identities. This is an especially pertinent issue in health care due to the sensitive and private patient information that can be accessed. Microsoft MFA provides a critical second layer of defense in the event network credentials are compromised. Who will be affected? All network employees, providers, and associates who access Microsoft Outlook and Office 365 from a remote location. This includes emails accessed via mobile devices. Important note: Symantec VIP will continue to be used for Remote Desktop Access, Community Connect and Home Coders. The transition to Microsoft MFA from Symantec VIP will occur in Spring 2020. More information about this MFA technology transition will be shared at that time. **For international access, please submit an international access service request in the self-service portal. Manager approval will be required to secure international access. When will this change take place? Microsoft MFA registration is currently available to all users; however, you will not be prompted to switch to the Microsoft MFA solution until October 30. Who should I contact with questions? For Microsoft MFA registration and Outlook mobile instructions, please visit the MFA intranet page. Outlook mobile users are encouraged to register for Microsoft MFA as soon as possible. Stay tuned for more information on Microsoft MFA. For support, contact iSupport at 937-384-4500 or extension 44500.