Temporary Elevated Privileges are any case where administrative access of an endpoint is explicitly granted by an endpoint manager for five (5) calendar days or fewer at a time
Definitions
Two-step, two-factor, or multi-factor authentication is an authentication method in which a person is granted access only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism:
- knowledge (something the user and only the user knows),
- possession (something the user and only the user has), and/or
- inherence (something the user and only the user is).
Any two-step or multi-factor authentication process at the University of Virginia must be:
a. a University-approved two factor authentication (e.g., Duo-based High Security VPN) or
b. a method that has been reviewed and approved by the University Information Security Office before use.
A good example of two-factor authentication is the withdrawing of money from an ATM. Only the correct combination of a bank card (something the user possesses) and a PIN (something the user knows) allows the transaction to be carried out.
Two-step login process must be either a UVA-approved two-step authentication (e.g., Duo-based) or another method that has been reviewed and approved by the University Information Security Office before use.