Two Factor Authentication & PII Security Updates

Slides:



Advertisements
Similar presentations
DC Responses Received WA OR ID MT WY CA NV UT CO AZ NM AK HI TX ND SD NE KS OK MN IA MO AR LA WI IL MI IN OH KY TN MS AL GA FL SC NC VA WV PA NY VT NH.
Advertisements

Session #56 Two-Factor Authentication Steven Burke & James McMahon U.S. Department of Education.
Two Factor Authentication Protocol and the Protection of PII Steven A. Burke U.S. Department of Education 1.
Two Factor Authentication & PII Security Updates March 9, 2012 Steven Burke & Cheng Tang.
National Journal Presentation Credits Producers: Katharine Conlon Director: Afzal Bari House Committee Maps Updated: March 19, 2015.
MD VT MA NH DC CT NJ RI DE WA
Medicaid Enrollment of New Eligibles in Expansion States, by Party Affiliation of Governor New Eligibles as a Percent of Total Medicaid Enrollment, FY.
Essential Health Benefits Benchmark Plan Selection, as of October 2012
Uninsured Non-Elderly Adult Rate Increased from 17. 8% to 20
House Price
Medicaid Enrollment of New Eligibles in Expansion States, by Party Affiliation of Governor New Eligibles as a Percent of Total Medicaid Enrollment, as.
House price index for AK
WY WI WV WA VA VT UT TX TN SD SC RI PA OR* OK OH ND NC NY NM* NJ NH
WY WI WV WA VA VT UT TX TN SD SC RI PA OR* OK OH ND NC NY NM* NJ NH
Children's Eligibility for Medicaid/CHIP by Income, January 2013
The State of the States Cindy Mann Center for Children and Families
LRFD Scoreboard LRFD Scoreboard LRFD Scoreboard
Two Factor Authentication
Expansion states with Republican governors outnumber expansion states with Democratic governors, May 2018 WY WI WV◊ WA VA^ VT UT TX TN SD SC RI PA OR OK.
Expansion states with Republican governors outnumber expansion states with Democratic governors, January WY WI WV◊ WA VA VT UT TX TN SD SC RI PA.
Non-Citizen Population, by State, 2011
Status of State Medicaid Expansion Decisions
Share of Women Ages 18 – 64 Who Are Uninsured, by State,
Executive Activity on the Medicaid Expansion Decision, May 9, 2013
Populations included in States’ SIMRs for Part C FFY 2013 ( )
WY WI WV WA VA VT UT TX TN1 SD SC RI PA1 OR OK OH ND NC NY NM NJ NH2
WY WI WV WA VA VT UT TX TN1 SD SC RI PA OR OK OH1 ND NC NY NM NJ NH NV
WY WI WV WA VA* VT UT TX TN SD SC RI PA OR* OK OH ND NC NY NM* NJ NH
WY WI WV WA VA VT UT TX TN SD SC RI PA OR* OK OH ND NC NY NM* NJ NH
Mobility Update and Discussion as of March 25, 2008
Current Status of the Medicaid Expansion Decision, as of May 30, 2013
IAH CONVERSION: ELIGIBLE BENEFICIARIES BY STATE
WAHBE Brokers / QHPs across the country as of
619 Involvement in State SSIPs
State Health Insurance Marketplace Types, 2015
State Health Insurance Marketplace Types, 2018
HHGM CASE WEIGHTS Early/Late Mix (Weighted Average)
Status of State Medicaid Expansion Decisions
PRACTICA & ONLINE ED AUTHORIZATION STATUS
Status of State Participation in Medicaid Expansion, as of March 2014
States including governance in their SSIP improvement strategies for Part C FFY 2013 ( ) States including governance in their SSIP improvement.
Status of State Medicaid Expansion Decisions
Sampling Distribution of a Sample Mean
State Health Insurance Marketplace Types, 2017
(map is coded by CAE-CD region)
S Co-Sponsors by State – May 23, 2014
WY WI WV WA VA VT UT* TX TN SD SC RI PA OR* OK OH ND NC NY NM* NJ NH
Seventeen States Had Higher Uninsured Rates Than the National Average in 2013; Of Those, 11 Have Yet to Expand Eligibility for Medicaid AK NH WA VT ME.
Employer Premiums as Percentage of Median Household Income for Under-65 Population, 2003 and percent of under-65 population live where premiums.
Employer Premiums as Percentage of Median Household Income for Under-65 Population, 2003 and percent of under-65 population live where premiums.
Average annual growth rate
Sampling Distribution of a Sample Mean
Percent of Children Ages 0–17 Uninsured by State
Executive Activity on the Medicaid Expansion Decision, May 9, 2013
Current Status of State Medicaid Expansion Decisions
How State Policies Limiting Abortion Coverage Changed Over Time
Status of State Medicaid Expansion Decisions
Employer Premiums as Percentage of Median Household Income for Under-65 Population, 2003 and percent of under-65 population live where premiums.
Percent of Adults Ages 18–64 Uninsured by State
Uninsured Nonelderly Adult Rate Has Increased from Percent to 20
States’ selected SIMRs for Part C FFY 2013 ( )
States including quality standards in their SSIP improvement strategies for Part C FFY 2013 ( ) States including quality standards in their SSIP.
Status of State Medicaid Expansion Decisions
WY WI WV WA VA VT UT* TX TN SD SC RI PA OR* OK OH ND NC NY NM* NJ NH
WY WI WV WA VA VT UT* TX TN SD SC RI PA OR* OK OH ND NC NY NM* NJ NH
States including their fiscal systems in their SSIP improvement strategies for Part C FFY 2013 ( ) States including their fiscal systems in their.
Current Status of State Individual Marketplace and Medicaid Expansion Decisions, as of September 30, 2013 WY WI WV WA VA VT UT TX TN SD SC RI PA OR OK.
Status of State Medicaid Expansion Decisions
Income Eligibility Levels for Children in Medicaid/CHIP, January 2017
WY WI WV WA VA VT UT TX TN SD SC RI PA OR OK OH ND NC NY NM NJ NH NV
Presentation transcript:

Two Factor Authentication & PII Security Updates June 20th, 2012 Steven Burke

This process is referred to as Two Factor Authentication (TFA). Two-Factor Authentication – Overview To comply with the White House through the United States Office of Management and Budget (OMB) mandate, Memorandum M07-16 attachment 1, and as part of our ongoing efforts to ensure the security of Federal Student Aid data systems, the U.S. Department of Education, is required to implement a security protocol through which all authorized users will enter two forms of “authentication” to access Federal Student Aid systems via the Internet. This process is referred to as Two Factor Authentication (TFA).

Two-Factor Authentication Scope: Provide safe and secure access to FSA network services Primary systems impacted across the enterprise NLSDS, CPS, COD, AIMS, PM, FMS and SAIG This project encompasses approximately 96K users FSA employees, Dept. of ED employees Partners Postsecondary Schools Destination Point Administrators (DPA) Guaranty Agencies Servicers/PCA’s/NFPs Call Centers Developers/Contractors and Sub-Contractors TFA project is focused on privileged users A privileged user is anyone who can see more than just their own personal data

What is Two-Factor Authentication? Something that you know is the First Factor: User ID and Password Something that you have is the Second Factor: Token with a One Time Password The One Time Password (OTP) will be generated by a small electronic device, known as the TFA Token, that is in the physical possession of the user To generate the OTP, a user will press the “power” button on the front of the token A different OTP will be generated each time the button is pressed Alternative Methods of obtaining OTP without TFA Token: A) Answer 3 Challenge Questions online B) Have the OTP sent to your Smart Phone

Two - Factor Authentication Key Deliverables: Phase 1 To ensure the successful deployment of two-factor tokens for FSA – Citrix users 1,300 completed 5/1/2011 Phase 2 To ensure the successful deployment of two-factor tokens for Dept. of ED Staff, approximately 5,200 users. As of 7/1/2011, FSA Contractors have been added for TFA. In production as of 10/28/2011 Phase 3 International users, Foreign Schools (FS) and Domestic Schools, when logging into FSA systems across 35 countries completed12/31/2011 Domestic users, to ensure the successful deployment of two-factor tokens for users when logging into FSA systems: 88,600 users by12/31/2012 Phase 4 Guaranty Agencies, TIVAS, Third Party Servicers, Not-for-Profits, Payment Collection Agencies (PCA), and VPN users connecting through VDC

Two - Factor Authentication Project Status Total TFA Tokens Deployed: 32,176 to 35 Countries Tokens Deployed to Phase III & IV for Partners: 25,594 System Update: 90% Complete NSLDS moved behind AIMS, completed on 12/18/11 COD TFA enabled on 1/28/12 SAIG Enrollment TFA enabled 2/12/12 EDconnect TFA enabled 3/4/12

TFA -Token Deployment Forecast As of 6/20/2012 Group State Initial Estimated Schools/Users Estimated Completion Lockout Date Revised Lockout Date Completed Number of Confirmed users Registered (6/8/2012 ) Estimated Completion Lockout   3/2011 347 Schools 1,529 Users 10/30/2011 10/30/2012 347 Schools ( 1,444 ) Users 1,685 6 AR 3/2011 521 Schools 6,122 Users 8/3/2012 6/7/2012 ( ) Schools ( ) Users FS CO DeVry GA KS MO 1 DC 3/2011 323 Schools 2,622 Users 2/27/2012 6/8/2012 6/8/2012 305 Schools ( 3,010 ) Users 1,546 DE 7 AZ 3/2011 631 Schools 7,158 Users 9/7/2012 As of 6/7/2012 ( ) Schools ( ) Users MD CT VA IA WV IL IN 2 NC 3/2011 742 Schools 5,154 Users 3/16/2012 6/8/2012 609 Schools ( 4,700 ) Users 2,416 LA NJ NY 8 AL 3/2011 502 Schools 3,362 Users 10/12/2012 SC AS FC 3 KY 3/2011 866 Schools 6,615 Users 4/20/2012 6/22/2012 As of 6/8/2012 ( 310 ) Schools ( 1,820 ) Users FM MI GU NE HI NH MA OH ME PA MH RI MP VT MS TN 4 3/2011 780 Schools 8,155 Users 5/25/2012 7/6/2012 As of 6/7/2012 ( 313 ) Schools ( 513 ) Users CA 9 MT 3/2011 455 Schools 3,470 Users 11/16/2012 FL NM NV PR 5 AK 3/2011 643 Schools 5,740 Users 6/29/2012 As of 6/7/2012 ( ) Schools ( ) Users PW ID UT MN WA ND WI OR WY SD TX

Two-Factor Authentication - Attestation/Confirmation Process Action Items: For each school, the PDPA and COD Security Administrator need to work together to ensure all users have been identified and receive tokens. Step 1: Confirmation/Attestation Confirm/Attest to the individuals (unique users) at your school who are authorized users of one or more of the identified Federal Student Aid systems. This confirmation will only be used to determine the TOTAL NUMBER of tokens you will receive. Identify any Third Party Servicer(s) supporting your school. Confirm the physical street address to which tokens should be shipped, and provide a telephone number where we can contact you.    NOTE: We cannot ship to PO Boxes. Step 2: Federal Student Aid Ships Tokens to School The tokens will be sent to the attention of the PDPA via UPS Step 3: Token Receipt, Distribution, and Registration After the tokens are shipped, FSA will send a follow-on e-mail with more information about token distribution and registration. The tokens are to be registered within 7 days of receipt.

Two - Authentication - Frequently Asked Questions Will I be locked out of FSA systems if I don’t have a token? Once your school has been TFA enabled (locked) a token will be required to access FSA systems. The TFA Deployment Schedule identifies the scheduled lock dates by state. Tokens are distributed through the Primary Destination Point Administrator (PDPA) at each institution. If you have not received your token please contact your PDPA. I received more tokens than I have authorized users. What do I do with the extra tokens? Each token shipment will include at least one (1) extra TFA token, for use as a replacement for a lost or broken token, or for issue to a new authorized user. The PDPA should secure and safeguard the extra tokens for use in these situations. I need more tokens. How do I get them? For additional tokens please send an email to [TFA_Communications@ed.gov] with the following information: (We can only send tokens to the Primary DPA.) • School Name and OPEID • Full Name and FSA User ID of the additional users • The name of the PDPA and the physical address where the tokens are to be shipped   

Two - Factor Authentication - Frequently Asked Questions Do I need to provide tokens to my third party servicer? No, However please indicate the name and point of contact if you use a Third Party Servicer. Do I need a token to use EDconnect 8.1? I need to install and use EDconnect 8.1, but I don’t have my token yet. A TFA token is not required to use the EDconnect software until your school has been TFA enabled (locked). If you are an EDconnect /SAIG user and have not already done so, you will need to download and install version 8.1 of the EDconnect software. On Sunday, June 24, 2012 EDconnect 8.1 will be required to access EDconnect/SAIG. All previous versions of EDconnect will be disabled. (See SAIG Upgrade - System and Software Product Enhancements Available March 5, 2012 (Updated March 15, 2012)) On the EDconnect login screen, enter your TG number, including the letters “TG” (example: TG12345). In the Security Code field, enter the 6-digit code displayed on your TFA token, if you have one.   

TFA Questions : For general questions about TFA Support Contacts for External Customers (Postsecondary Schools and Financial Partners)   Employee Enterprise Business Collaboration (EEBC) Support Hours: Monday-Friday, 8 AM – 5 PM Phone: 1-866-441-6633 Email: eebcservicerequest@ed.gov eCampus-Based (eCB) Support Hours: Monday-Friday, 8 AM – 8 PM Phone: 1-877-801-7168 Email: cbfob@ed.gov Email: secarch@ed.gov Website: The eCampus-Based System (https://cbfisap.ed.gov/ecb/CBSWebApp/welcome.jsp)   electronic Cohort Default Rate Appeals (eCDR Appeals) Mainly from the email request from FSA SSO Donna Bellflower (Donna.Bellflower@ed.gov) Website: eCDR Appeals System (https://ecdrappeals.ed.gov/ecdra/index.html) Central Processing System – Financial Aid Administrators (CPS-FAA) Student Aid Internet Gateway (SAIG) Phone: 1-800-330-5947 / TTY 1-800-511-5806 Email: CPSSAIG@ed.gov Website: FAA Access CPS Online (https://faaaccess.ed.gov/FOTWWebApp/faa/faa.jsp) National Student Loan Data System (NSLDS) Phone: 1-800-999-8219 Email: nslds@ed.gov Website: Common Origination and Disbursement (COD) Phone: COD School Relations Center 1-800-474-7268 (for Grants) Phone: COD Direct Loans 1-800-848-0978 Email: CODSupport@acs-inc.com TFA Questions : For general questions about TFA Email: TFA_Communications@ed.gov

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.