From Compliance Crisis to Cyber Confidence: Cedar Crest’s MFA Story

Nestled on the edge of Allentown, Pennsylvania, Cedar Crest College has built its reputation on a commitment to accessible, transformative education. When Bruce Sarte joined Cedar Crest as Director of Information Technology, his mandate was clear: modernize, secure, and future-proof the college's infrastructure. What followed was a multi-year journey that ultimately led Cedar Crest to ClassLink and to a fundamentally stronger, more resilient security posture.

When Bruce Sarte arrived at Cedar Crest College, he came with a roadmap for bringing the institution fully into the modern security era by consolidating learning resources under a single sign-on solution and layering multi-factor authentication (MFA). Then the insurance auditors stepped in. "We had a three-to-four year plan," Sarte explained, “in the middle of that trajectory, our insurance auditor said, 'no, you have to be on multi-factor authentication with single sign-on right now, or we're going to charge you X number of dollars.' And it was a significant upcharge."

The message was unambiguous: without MFA and SSO across all remotely accessible platforms, Cedar Crest's cybersecurity insurance premiums would climb dramatically. The college needed to compress a multi-year initiative into weeks.

Sarte also grappled with additional security challenges, beyond the compliance deadline. Some applications didn't offer MFA at all. Others offered only weaker forms of authentication such as email-based codes, which Sarte described as the least secure option in the MFA hierarchy. Without a way to enforce a consistent, institution-wide security standard, Cedar Crest's overall protection was only as strong as its weakest application.

On the operational side, account provisioning remained a persistent burden. Before ClassLink, Cedar Crest had relied on manually entered data with one staff member spending weeks at a time inputting records for each new enrollment class.

At the core of Cedar Crest's solution was ClassLink's MFA and single sign-on platform. “ClassLink offers us the ability to put all of the LaunchPad [resources] behind multi-factor authentication," Sarte explained. "What that allows us to do is add MFA to web applications that don't offer it, or where the native option is less secure than what we require." Cedar Crest can now enforce stronger authentication methods (such as authenticator apps or SMS). The security impact was tangible almost immediately. By demonstrating MFA coverage across all remotely accessible platforms, Cedar Crest satisfied the conditions of its cybersecurity insurance audit and avoided the threatened premium hike.

The financial story didn't stop there. Sarte estimated that ClassLink comes in at roughly 20 to 25 percent of the cost of assembling comparable MFA, SSO, and automation solutions from separate vendors. And because ClassLink's pricing is not metered per integration or per security decision, Cedar Crest can extend security coverage as broadly as needed without worrying about cost implications.

That coverage extends further than most institutions expect. When an application lacks a native SSO connector, ClassLink's support team builds one, including a bespoke solution for Cedar Crest's administrative payroll portal at no additional charge. "When we come with a question, they go and look and try to help us find a solution," Sarte said. "The support has been fantastic." The result is that no application is left outside the security perimeter, and no gap exists for an auditor or an attacker to find.