This is a collaboration space for the Business Case Subgroup of the MFA Cohortium. Unless otherwise designated, everything contained here should be viewed as a work in progress, subject to change without notice.
The Business Case Subgroup explores reasons and use cases for the deployment of multi-factor authentication. Issues include:
- Risks addressed by multi-factor authentication
- Assurance requirements for high-risk applications and services
- Use cases, such as VPN, ERPs, shell access, confidential/sensitive data access (HIPAA, PCI, financial, FERPA, ePHI, PII), password resets, first-use devices/BYOD, etc.
Meetings
The Business Case Subgroup meets every other week via conference call on alternate Wednesdays, 3:00p-4:00p ET, starting July 31, 2013.
The business@lists.cohortium.internet2.edu list is used for communication between meetings.
- Business Case Subgroup Meetings
- Agendas and Notes
- 1/15/2014, 3:00-4:00 ET [Agenda] - canceled due to lack of attendance
- 12/18/2013, 3:00-4:00 ET [Agenda, Notes]
- 12/4/2013, 3:00-4:00 ET [Agenda, Notes]
- 11/6/2013, 3:00-4:00 ET [Agenda, Notes]
- 10/23/2013, 3:00-4:00 ET [Agenda, Notes]
- 9/25/2013, 3:00-4:00 ET [Agenda, Notes]
- 8/28/2013, 3:00-4:00 ET [Agenda, Notes]
- 8/14/2013, 3:00-4:00 ET [Agenda, Notes]
- 7/31/2013, 3:00-4:00 ET [Agenda, Notes]
Business Justifications for Multi-Factor Authentication
White Papers
- How Much Security Is Enough? - DRAFT