Re: MFA for Incarcerated Students

["Menne, Michael S" <000002306ce3cd04-dmarc-request () LISTSERV EDUCAUSE EDU>]

This is an interesting quandry.  If you know their location and IP range, could you put a conditional access policy in 
to bypass MFA?  In a non-corrections situation, I’ve told studens to sign up for Google Voice so they can receive the 
text messages. I highly doubt this would be allowed by the corrections facility as it would allow for unmonitored 
communication.

The facility they are at may allow you to give them an MFA token since they are a one-trick pony and can’t be used for 
anything except MFA authentication.

Michael Menne, CISSP
Chief Information Security Officer
IT Solutions Information Security
Minnesota State University, Mankato
Phone:  (507) 389-5705
Cell: (507) 405-0717
https://mankato.mnsu.edu/cyberaware

[signature_1664827153]

Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended 
recipient(s) and may contain confidential and privileged information.  Any unauthorized review, use, disclosure or 
distribution is prohibited.  If you are not the intended recipient, please contact the sender by reply e-mail and 
destroy all copies of the original message.



From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of "Hudson, Edward" 
<ehudson () CALSTATE EDU>
Reply-To: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU>
Date: Tuesday, April 20, 2021 at 1:19 PM
To: "SECURITY () LISTSERV EDUCAUSE EDU" <SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] MFA for Incarcerated Students

Greetings Colleagues
We are wrestling with how to provide MFA protected access to our campus resources for those students who are availing 
themselves of our programs while incarcerated.
e.g.  how do students authenticate with no access to a cell phone app, text etc. Can inmate students have tokens?
Interested in solutions I am sure have been put in place elsewhere as well as unexpected barriers you may have 
encountered. Feel free to respond 1:1 as well.
Thanks in advance.

Ed Hudson
CSU Systemwide Chief Information Security Officer
401 Golden Shore
Long Beach, CA 90802
Tel 562-951-8431
ehudson () calstate edu<mailto:ehudson () calstate edu>

[signature_1048991337]

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community<https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=04%7C01%7Cmichael.menne%40MNSU.EDU%7Ce3e4c2f2143a468da59f08d90428c55a%7C5011c7c60ab446ab9ef4fae74a921a7f%7C0%7C0%7C637545395428569271%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=7od1e1k7J1vEQbGIE6ZxSzJXlBVfdVNyyzRmW4up32E%3D&reserved=0>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community