Multifactor authentication (MFA) requires users to authenticate their identities with at least two factors to access a system or an application. More than half of companies around the world use MFA. For companies that have not implemented MFA, reasons cited include cost, IT effort, and problems with deployments leading to user “friction.”
Some organizations deploy MFA only to executives because they have full access to sensitive information. Yet other organizations secure only some applications with MFA rather than all apps.
Answer the following question(s):
- Do you agree that deploying MFA only to executives is a secure approach to access management? Why or why not?
- Do you agree that requiring MFA for only some applications, regardless of user type, is a secure approach to access management? Why or why not?