One  of  the  most  common  forms  of  multi-factor  authentication  involves  the
     combination of:

     •  Something the user knows -  This  typically involves  a  password or  a
        personal  identification  number  (PIN).  While  passwords  alone  can  be
        vulnerable, when used in conjunction with other factors, they contribute to a
        comprehensive security strategy. Users are required to enter their password
        as the initial step in the authentication process.

     •  Something the user has -  Introduces a physical  element into the
        authentication process. This can take the form of a security token, a smart
        card,  or  a  mobile  device.  Security  tokens  generate  one-time  passcodes
        that are synchronized with the authentication server, ensuring that even if a
        password is compromised, the attacker would still need the physical token
        for access.

     •  Something the user is - Involves unique physical or behavioral attributes of
        the user, such as fingerprints, retina scans, or facial recognition. Biometrics
        provide an additional layer of security by ensuring that only the authorized
        individual can access the system. While not as commonly implemented as
        the first two factors, biometrics are gaining popularity for their convenience
        and enhanced security. This option is not used by the District at this time.
     The combination of these factors creates a layered defense that significantly
     reduces the likelihood of unauthorized access. Even if one factor is compromised,
     the other factors serve as barriers to entry. This approach is commonly referred
     to as “defense in depth,” a strategy that recognizes the importance of having
     multiple layers of security to protect against a wide range of threats.

     MFA is crucial in many industries and applications. In K-12 education, MFA
     helps not only protect staff but protects student data against unauthorized
     disclosure or access.
     In  conclusion,  MFA  is  a  fundamental  component  of  the  District’s  modern
     cybersecurity. Its importance lies in its ability to address the shortcomings of
     traditional  password-based  systems  and  it  provides  a  more  robust  defense
     against  unauthorized  access.  By  combining  multiple  factors,  MFA  creates  a
     formidable barrier that significantly enhances the overall security posture of online
     accounts and systems. As digital threats continue to evolve, the implementation
     of multi-factor authentication remains a critical step in safeguarding sensitive
     information and maintaining the integrity of digital identities.

     See the District Hub MFA Page.
                                                                                                                 Page 11