Security Updates for EPIC and K12 Office 365

Lock

Due to an increase in compromised accounts and requirements for Cyber Insurance Coverage, both the WVDE and Microsoft will be implementing some security changes over the coming months. These changes are necessary to ensure that we protect all users, both internal and external, from ongoing cyber-attacks.

Effective July 1st, all Technology Directors and Technology Staff will be required to use MFA (Multi Factor Authentication) when signing into Office 365 and any related Office 365 SSO applications.   **This will only apply to sign ins that occur from outside of the K12 network.   

Effective October 1st, all users who are categorized as high risk will be required to use MFA (Multi Factor Authentication) when signing into Office 365 and any related SSO applications.   The high-risk categorization is dynamically assigned by Microsoft based on user behavior or known indicators that the account may be compromised.    **This will only apply to sign ins that occur from outside of the K12 network.   

It is highly recommended that all staff members register at least one MFA method (such as Authenticator App, Text Message, Phone Call, etc.) prior to these dates to avoid disruption when they are required to complete an MFA step while logging in outside of the K12 network.  Multiple methods can be setup and are recommended so that if one method is not available then an alternate method can be used to get into the account. 

**THE EPIC OFFICE AND OTHER FACILITIES THAT HOUSE EPIC PROGRAMS ARE NOT ON THE K12 NETWORK**

Currently, there are no plans to enforce MFA on Student accounts.  

To address potential spam issues with Student accounts, @stu.k12.wv.us will be limited to sending 50 emails per hour.   If this threshold is met, their account will be restricted per the standard Outbound Restricted Senders protocol and a notification will be sent to the appropriate county staff.   

Steps to Register MFA

1.       Watch Understanding MFA (link on left).

2.       Follow instructions in Microsoft Authenticator (link on left).

3.       Click on Link to Register MFA.

4.       Verify that your phone is listed in the Security Info section.