YALE-MSS-9: Authentication and Authorization

Notice: Instructure Security Incident & Canvas Updates

Yale ITS is monitoring a reported cybersecurity incident affecting Instructure, the vendor behind Canvas. At this time, there is no known significant impact to Canvas services at Yale, and updates will be shared as more information becomes available.

Critical vulnerability in all versions of Linux.

Critical vulnerability in all versions of Linux. Please check with your vendor for updates and plan to apply patches as soon as possible. For more information, see: https://xint.io/blog/copy-fail-linux-distributions

See all Minimum Security Standards >>

YALE-MSS-9: Authentication and Authorization

Standards

YALE-MSS-9.1: All accounts must be uniquely authenticated
YALE-MSS-9.2: Utilize secure passwords for authentication
YALE-MSS-9.3: Provision access to IT systems and data according to the principle of least privilege
YALE-MSS-9.4: Deprovision accounts and access when roles and responsibilities change
YALE-MSS-9.5: Require Multifactor Authentication (MFA) for access to authenticated systems
YALE-MSS-9.6: Use University approved authentication methods
YALE-MSS-9.7: Secure and/or limit storage of authentication information
YALE-MSS-9.8: Allow only encrypted network protocols for authentication
YALE-MSS-9.9: Prevent brute force attacks
YALE-MSS-9.10: Use administrative and service accounts for their assigned function only
YALE-MSS-9.11: Disable direct logins for generic or administrative accounts