Statement

West Texas A&M University’s information systems uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users).

Applicability

This Control applies to all West Texas A&M network information resources. The intended audience for this Control includes all information resource owners, custodians, and users of information resources.

Implementation

• Multifactor authentication is required for all authentications to resources which manage restricted or confidential data
• Multifactor authentication should be considered for other privileged authentications based on documented risk management decisions.