Internet2 Confluence has been upgrade to 7.19.20. Questions? Contact techsupport@internet2.edu.

2013-11-06 - Business Case Subgroup Notes

Created by David Walker, last modified on Nov 07, 2013

2013-11-06 - Business Case Subgroup Notes

Date and Time	November 6, 2013, 3:00-4:00 ET
Agenda and Meeting Materials	2013-11-06 - Business Case Subgroup Agenda

Action Items

(none)

Highlights

Discussion of what to do next
- Making the case to upper management / elevator speech
  - Who else is doing this? How many?
  - What regulatory pressures are there?
  - How does this differentiate us?
  - Risks.
- Providing institutional guidance / requirements for the use of MFA
  - Does does an application manager know if MFA should be used?
  - Everybody thinks MFA is a good thing, but there's a chicken and egg problem between identity providers and service providers.
  - Need risk matrix that determines need of MFA for a particular service.
  - U Washington had a requirement for 2FA, based on classification of assets. When they moved to a risk based approach (by application managers), people stopped wanting 2FA.
  - Provide use cases / scenarios for types of applications?
  - Provide Cohortium recommendations?
Decision was to work on institutional guidance for the use of MFA.

No labels