Skip to main content

IT Project: Securing Northwestern Email

Project Status

December 2020: Northwestern IT has conducted pilots with hundreds of participants representing University school and unit IT staff as well as non-technical Northwestern IT departmental staff. The project team has evaluated feedback from pilots and has utilized it to make improvements in documentation as well as the overall implementation process and timing, in preparation for rolling out these changes to the broader University community. Deployment of the changes are underway across the University and will be completed in Spring Quarter 2021.

Project Timeline

Implementation Timeline

Project Charter

Background

The project work aligns with Microsoft's plans to end support for Basic Authentication in 2021. This outdated sign-on protocol relies on sending user names and passwords—often stored on or saved to a device—with every request for connection to systems and applications, increasing the risk of attackers capturing users' credentials. As most users' devices are already configured with Modern Authentication—an upgraded and more secure sign-on protocol—community impact is minimal.

The project also furthers Northwestern IT's work to provide Multi-factor Authentication technology, adding a critical extra layer of login protection for Northwestern systems. The University continues to be proactive in using various technologies to further protect personal employee data and the data of the entire University community. As members of the University community, it is everyone's responsibility to take steps to protect your NetID and password, which ultimately protects access to sensitive information on Northwestern administrative and departmental data systems.

Goals and Objectives

The Securing Northwestern Email project is part of Northwestern IT's continued commitment to maintaining consistent, effective, and secure delivery of services for the University community in a way that meets their needs efficiently, enabling them to be productive, while also safeguarding University data and information. It seeks to provide:

The primary goal of the Securing Northwestern Email project is to continue to strengthen the security for Northwestern-managed email accounts. Specifically, we are introducing two changes that will reduce the impact of compromised email accounts:

Approach

The project will be accomplished in three phases:

Discovery: June 2020-August 2020

Pilot period to develop support documentation and identify known issues

Planning: August 2020–November 2020

Coordination with University schools and units to finalize the timeline and strategic process

Implementation: Fall 2020–Spring 2021

Partnering with University schools and units to deploy implementation beginning in late November 2020. All Northwestern University accounts will receive these changes by spring 2021.

Project Timeline

Phase  Description Target Date Status
Discovery

Conduct pilots, garner feedback, finalize support documentation  

June – August 2020     Completed  
Planning

Collaborate with schools and units to determine timeline and process  

August – December 2020    In Progress
Implementation Work with schools to deploy the changes to all remaining University accounts November 2020 – April 2021    In Progress

Last Updated: 5 January 2021

Get Help Back to top