JEB Sheriff (OUHSC)

This session shares how OU IT responded to increasing threat‑actor activity targeting the Service Desk through user impersonation. We begin with the WHY—a rise in fraudulent attempts and the risks posed across our institutions. Next, we cover the WHAT - the OUIDPIN - explaining how OU IT implemented a stronger, privacy‑preserving identity anchor to validate users without relying on sensitive or publicly accessible data. Finally, we explain the HOW, including communication strategies, rollout planning, and user‑experience considerations that supported successful adoption.