...
Rowan requires all individuals, including Employees, Students, Affiliates, Retirees and Alumni to use either the Duo Mobile app or a phone as a method of two-factor authentication. This can be supplemented by the use of a hardware token where necessary, see below.
Rowan recommends that all individuals enroll a second device for two-factor authentication to use if their required method is unavailable. This second option may be the other of the two options listed in V.1, or may be a hardware token.
Hardware tokens may be obtained by all Employees, Employee Affiliates with access to HIPAA classified data, Students, and Student Affiliates. Hardware tokens are not available for Retirees, Alumni or Affiliate Employees who do not have access to systems hosting HIPAA data. The Information Security Office may approve the distribution of hardware tokens to any individual as a documented exception.
Employee
Student
Medical Student
Alumnus
Retiree
Employee
Affiliates
Medical Affiliates
Student Affiliates
Mobile - App
Y
Y
Y
Y
Y
Y
Y
Y
Mobile - SMS
Y
Y
Y
Y
Y
Y
Y
Y
Mobile - Voice
Y
Y
Y
Y
Y
Y
Y
Y
Landline - Voice (External DID)*
Y
Y
Y
Y
Y
Y
Y
Y
Landline - Voice (Rowan Internal non-DID)*
Y
Y
Y
Y
Y
Y
Y
Y
Hardware Token
Y
Y
Y
N
N
N
Y
Y
* DID aka Direct Inward Dialing refers to phone numbers that may be dialed directly from outside of the University. Phone extensions that are internal to the University are referred to as non-DID numbers. Non-DID numbers at organizations outside of Rowan University are not supported by Duo.
Replacement hardware tokens may be requested once per year in cases of damage or loss.
Hardware Token Recycling or Disposal
Tokens may be returned to any designated IRT office for recycling or disposal.
...