6.3—Require MFA for Externally-Exposed Applications

IG1

IG2

IG3

Users

Protect

>Control Description

Require all externally-exposed enterprise or third-party applications to enforce MFA, where supported. Enforcing MFA through a directory service or SSO provider is a satisfactory implementation of this Safeguard.

>Cross-Framework Mappings

SCF

IAC-06

Compare

>Relevant Technologies

Technology-specific guidance with authoritative sources and verification commands.

Okta Duo Security Google Workspace AWS Microsoft Azure Google Cloud Platform Microsoft Entra ID Auth0 Duo Security

Ask AI

Configure your API key to use AI features.