Thread regarding Wells Fargo & Co. layoffs

IAM Forcing New MFA on users

The CISO is forcing all of IAM to do MFA using Microsoft Authenticator. How are hourly employees supposed to be expected to use our personal devices for work?
Looking at the email this MFA is going to prompt users when they access email or teams .
IAM an hourly employee, I am forced into the office 4 days a week and now I am being told to use my personal phone to do MFA to get email and teams access.

What are we to do?

by
| 1914 views | | 11 replies (last ) | Reply
Post ID: @OP+1pAVL7G9

11 replies (most recent on top)

This is probably the 4th different type of 2FA/MFA that I have seen used or proposed at Wells Fargo in the last year. Why don't they just make up their minds and pick one, then stick with it so I don't have 3 or 4 different MFA methods I have to make use of?

by
| | Reply
Post ID: @1qwv+1pAVL7G9

I don't understand any of this.

by
| | Reply
Post ID: @1mwl+1pAVL7G9

They cannot legally force you to install anything on your phone. However, your options will be either to use your personal device or come into the office. Eventually this will expand to corporate laptops as well.

by
| | Reply
Post ID: @1tvb+1pAVL7G9

CISO cannot legally force you to use personal phones.

by
| | Reply
Post ID: @1xwx+1pAVL7G9

For those asking, it is not limited to remote access, Pulse is not applicable to this use case.

by
| | Reply
Post ID: @bqs+1pAVL7G9

“….. without offer of reimbursement……”

Does reimbursement only count for you if it’s a line item?

I get reimbursed bi-weekly in the form of my fat raises.

by
| | Reply
Post ID: @pxm+1pAVL7G9

Then what's the point of Pulse Secure?

by
| | Reply
Post ID: @die+1pAVL7G9

CISO wants all employees out of India anyway

by
| | Reply
Post ID: @cdb+1pAVL7G9

@dgm+1pAVL7G9

Isn't that similar to how the RSA soft token is used though?

by
| | Reply
Post ID: @xyy+1pAVL7G9

My manager just got done briefing us on the official Wells Fargo managerial gossip chain and the rumor is IAM is the first organization within Wells Fargo to be required to use Microsoft authenticator. Apparently the ciso is pushing to have all Wells Fargo employees be required to use this to access their email and other Microsoft products by the end of next year.

Apparently this is part of the ongoing protect the bank from scam attempts as non-i.t. people are apparently using their email to register for things and are putting the bank at risk.

I am curious though how the Ciso is able to legally force all Bank employees both salary and hourly to be required to use their personal phones for multi-factor authentication without offer of reimbursement

by
| | Reply
Post ID: @dgm+1pAVL7G9

I guess Pulse Secure isn't so Secure, SP is a tool, the entire IAM team is useless!

by
| | Reply
Post ID: @ahy+1pAVL7G9

Post a reply

: