Views:

Multi-factor authentication (MFA)

For security reasons, staff who want to use Microsoft 365 (formerly known as Office 365) outside of the University network must have access to a mobile phone. This can be either a work cell phone or a personal cellphone.

Microsoft 365 uses multi-factor authentication (MFA) as its security mechanism and this requires you to provide two or more known pieces of information to authenticate your identity. For example, a login on your web browser at home may also require you to approve access via an app on your mobile phone or to enter a code sent to it.

You will need to download the "Microsoft Authenticator" app from the Apple or Android app stores to your mobile phone. If you are unable to install the Microsoft Authenticator app on your mobile phone, you can receive a text code as an alternative method.

ITS Cyber Security recommend that staff use the Microsoft Authenticator mobile application as it provides the strongest security for University of Otago Microsoft 365 accounts and data. Staff can change their MFA at any time by following the steps outlined in the related article:
Multi-factor authentication (MFA) or watch this video from Microsoft:

How to register for Multi-factor Authentication

Using Microsoft 365 for clinical data

Many health organisations in New Zealand and Australia use Microsoft 365 for clinical data, as do a number of government departments. Although Microsoft 365 is able and certified to hold medical, clinical, and/or personally identifiable health research data, it is not recommended that you use it for this purpose at this stage of the University Microsoft 365 rollout. Once everything is in place to hold this type of data you will be advised.

Further information

Microsoft/Office 365 for staff