This article summarizes the discussion and is modelled as an exercise to go through.
Introducing MFA policy at the company using Azure
Shared responsibility model
Originally brought up in the context of Microsoft, but also applies to other B2B scenarios
- Should the company allow inaccessible scenarios?
- Provide a common framework to handle accessibility requests and exceptions in the security policy
Inclusion at the design level
Include people with disabilities at the design level - before the policy is implemented
- Ask for direct feedback at the company
- Implement general recommended practices
Test not only for separate conditions, but also consider co-existing conditions - i.e. how a person with both hearing and vision impairment would use the security policy at the company? With a particular focus on different sensory requirements
Provide an actionable feedback channel
- Provide a feedback channel that’s actively listened to
- In a place that’s easily discoverable for people with different disabilities