Statement

West Texas A&M University’s information systems uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users).

Applicability

This Control applies to all West Texas A&M network information resources. The intended audience for this Control includes all information resource owners, custodians, and users of information resources.

Implementation

• Multifactor authentication is required for all authentications to resources which manage restricted or confidential data
• Multifactor authentication is required for all authentications to publicly-accessible web resources that require authentication.
• Multifactor authentication should be implemented on other resources based on risk management decisions.