Federal agencies and the private sector still face significant challenges in adopting and implementing critical security controls like multifactor authentication and single sign-on services, according to new guidance from the Cybersecurity and Infrastructure Security Agency and the National Security Agency.
The federal zero trust strategy published last year requires agencies to use “strong MFA throughout their enterprise,” and CISA has long urged the public—as well as organizations operating in critical infrastructure sectors—to employ MFA and SSO over the years.
