What is FAMweb? FAMweb is a tool parents, family, and friends use to access information about a CSU student. In order to gain access to this information, your student must first grant access to you through their RamWeb account. After you have been granted access, you will receive an email with further instructions for logging into FAMweb. What if I don't have an account with the Microsoft, Google or Facebook providers? If you do not already have access through one of these providers, we encourage you to create an account with your preferred provider to ensure continued access to FAMweb. We understand that creating a new account on one of these services may bring some discomfort for those who prefer to keep their online identities more private or maintain no online identities at all. However, implementing this new step is critical to creating a more secure system for our students’ data. The previous FAMweb login system will be removed as of October 1, 2019 and you will not be able to access FAMweb without these updated login credentials. What does Colorado State University contract for with Google, Microsoft and Facebook? Nothing. CSU does NOT contract with these providers. CSU partners with a third-party identity provider (Cirrus Identity) to be a liaison between the university and these providers. The only data that CSU provides to Cirrus Identity is the FAMweb member’s choice of provider to use for authentication. Cirrus then queries the provider to validate the trusted individual’s login credentials. The provider lets Cirrus know either, Yes – the person has validated their credentials, or No – they did not. Cirrus then tells FAMweb either Yes – let them connect to the FAMweb service, or No – keep them out. Does Google, Microsoft or Facebook have access to my student’s data? No. All FAMweb data is secure behind CSU’s firewalls and security. If a trusted individual’s credentials are validated, the FAMweb application authorizes access to their student’s data. Google, Microsoft, and Facebook have no way of knowing that you have been passed off to FAMweb. Can Google, Microsoft or Facebook track what I do in FAMweb – or will they even know I’ve logged into FAMweb? No. Since FAMweb uses a third-party identity service to authenticate a trusted individual’s login credentials, these services have no way of learning that the request is coming from FAMweb or from CSU. What data does Google, Microsoft, and Facebook gather from FAMweb that they can sell? None. Since there is never a direct connection between FAMweb and these services, Google, Microsoft, and Facebook DO NOT ever know that the request for authentication is coming from FAMweb. Similarly, with the FAMweb data secure behind CSU’s firewalls, these providers DO NOT have the ability to gather any information about you or your student. Does CSU make money on these partnerships with Google, Microsoft, or Facebook? No. Since the providers are not aware that these requests are coming from CSU, and since CSU DOES NOT have any contracts in place with these providers, there is no financial incentive for CSU. This simply provides CSU a cost-effective method to provide stronger and sustainable security for you to access your student’s information while keeping tuition costs low. Why is multi-factor authentication so important? Multi-factor authentication allows you to keep your data secure even if a hacker is able to obtain your login information. Banks have been using this for a long time; you need two forms of information – something you know (your PIN number) and something you have (your bank card) – to be able to access your bank account electronically. With multi-factor authentication, you can be sure that if your password is “stolen” in a security breach, it will not be able to be used. Colorado State University now uses multi-factor authentication for anyone accessing services that require CSU login credentials from outside the university, and will be expanding the requirement to all CSU administrative systems in the future. With the high-profile privacy catastrophes around Google, Microsoft and Facebook, why should I trust them to validate my identity? We can understand your concern around these providers, given the privacy issues that make the news. Rest assured that your students’ data is not being shared with these providers and the only information a hacker can gather from Google, Microsoft, or Facebook is information you choose to post there. If you set up multi-factor authentication, a hacker cannot log into your account even if they are able to “steal” your login and password information. These big companies employ large staffs whose sole purpose is to protect against these hackers – and yet we all know breaches still occur. CSU cannot provide the same level of staffing without impacting your student’s tuition dollars. We encourage you to set up multi-factor authentication wherever possible. FAMweb Login