Multi-factor authentication is the single most effective security control for the most common types of cyber attacks - yet, adoption for MFA remains low. This led to increasing calls for organizations to begin enforcing MFA, but  many security teams struggle to get buy-in and overcome logistical hurdles for such a move. 

In this session, we’ll dive deep into learnings from enforcing MFA at the scale of the cloud in AWS, exploring important considerations and effective tactics for successfully executing what can be a complex operational change. We’ll examine the measurable security outcomes of enforcing the use of MFA, strategic approaches to secure buy-in, and what problems are left to be solved next for increasing the use of MFA everywhere.