A few months ago, the insurance industry hardened its prerequisites for cyber policies. The new requirements include Multi-Factor Authentication (MFA) across practically all the insured organization’s resources. MFA is mandatory for purchasing a new cyber policy and the renewal of an existing one.

The checklist of MFA rules includes enforcing MFA for all employees accessing email through a website or cloud-based service; remote access to the network provided to employees, contractors, third-party providers. Others include internal and remote admin access to directory services, network backup environments, network infrastructure, and the organization’s endpoints and servers. While the first two requirements are relatively easy to address, the last one is tough to implement—more on that below.

Read more at – Understanding and Complying with the New MFA Requirements for Cyber Insurance