Unit of Measure: Usage Based
Pricing Type: Fixed
Billing Cycle: Monthly
Service Lead: Jason Howze Jason.Howze@vita.virginia.gov
Multi-Factor Authentication Service (MFA) is a method to securely control access for agency applications on the network by including an additional layer of authentication. In addition to a standard username and directory password, MFA prompts applications to require a One-Time Password (OTP) sent to the end user via Short Message Service (SMS) text. This service allows either internal (COV domain) or external (AUTH domain) partners (i.e. counties, business partners, vendors, etc.) to more securely access agency applications. The service enables agencies to additionally control application access via group membership management using the COV Account Center.
Customer applications must be technically capable of working with MFA. Eligibility will be determined through the work request process. Each potential user must be associated with an active directory group in the COV domain or the Active Directory Services (ADS) identifying users with access. The initial set-up costs for the service will be determined in the work request process.
The supplier will implement MFA for a subscribed eligible customer. In addition to the application default access criteria, all end users accessing the application will be required to enter an OTP delivered to the users’ cellular device. In order to receive OTP via SMS, end users must have a cellular device and service capable of receiving SMS messages.
Multi-Factor Authentication Service Costs:
The AITR and their assigned VITA customer account manager (CAM) guides the customer through required collaborative discussions, forms completion for the service offering and engage the service owner as required.
Order via Work Request. Requirements forms for standard and custom work requests can be found in the Service Catalog Form Library.
Frequently Asked Questions (FAQs)
Click on question to show or hide answer.
Multi-Factor Authentication Service is a framework that provides multiple levels of authentication for agency applications. In addition to a standard user name and directory password, applications can also require a One-Time Password (OTP) sent to the end user via SMS text. End users requiring authentication can be located in either the AUTH or COV domains. This service will allow agencies to securely display their application for external access (i.e. counties, business partners, vendors, etc.). The agencies control access to the applications via group membership management using COV Account Center.
Agencies need to submit a request for MFA when they wish to add OTP capabilities to application authentication.
An agency must request initial application, authentication, and authorization setup through the work request process, using the custom work request form.
There is an initial set-up charge for configuring the MFA service for an application. Recurring charges are based on the number of users added to application groups. Please see the VITA IT service catalog for pricing information. MFA recurring charges are separate and distinct from charges for other services such as EADS and WCS (SharePoint).
Answers to the questions below should be included in your custom request form:
No. MFA includes hardware, hardware maintenance, software, and software maintenance. Each agency is responsible for ensuring license compliance for their applications.
If an application is published to the VIM Portal, external users will request access by selecting the application and then submitting the request using the VIM portal. The request workflow will send an email to the approver(s) designated by the agency. Agency approvers will approve or deny the request, then the workflow will take appropriate actions based on the approver's response and the result will be emailed to the external user. If the application is not published to VIM, external users will need to coordinate with their agency application contact to be added to the appropriate group(s).
Each application group will have one or more people designated as owners of the group in COV Account Center. The group owners can add/remove people as needed using COV Account Center. The group owners will also be responsible for approving or rejecting requests from non-owners for inclusion in the group. The approval workflows will be the same as those used for management of any other group in COV Account Center.
COV users can update their profile to include a mobile phone number using COV Account Center. External users can specify their mobile phone number in their VIM user profile.
EADS allows external users access to agency applications. MFA provides the capability to add One-Time Passwords (OTP) to the authentication.
. The following questions can help narrow down the cause of the issue:
Use process to get a new One-Time Passcode.
Send VITA Onestop an email: firstname.lastname@example.org to collaborate or handle your order.