OM-BP-0008: Make MFA mandatory for high privileged accounts (Best Practice)
ID | OM-BP-0008 |
---|---|
Name | Make MFA mandatory for high privileged accounts |
Status | Active |
Version | |
Best Practice | Ensure that MFA is mandatory when using high privileged accounts. |
Rationale
Threat actors may compromise the supply chain to gain an entry point for attacks.
Bad Practices
Not using MFA when using high privileged accounts.
Continuous Improvement
…
Implementation Details
…
Quotes
Adopt MFA
Multi-factor authentication can stop credential-based attacks dead in their tracks. Without access to the additional factor, the attacker can’t access the account or protected resource. MFA should be mandatory for all admin accounts and is strongly recommended for all users. The preferred method is to use an authenticator app rather than SMS or voice where possible.
Bibliography
Related Best Practices
This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.