Require MFA for All Administrators for Manufacturing & Industrial

Manufacturing & Industrial organizations face specific regulatory requirements including iso27001, nist-800-53, cis. The CA-02 control helps address these requirements by:

• A Conditional Access policy targets the Directory Roles condition
• Policy includes all privileged administrator roles
• MFA is required on every sign-in (not just from untrusted locations)

Administrator accounts are prime targets for attackers. Even if MFA is required for all users, a dedicated policy for admins ensures they cannot bypass MFA under any condition and provides visibility into admin authentication.

When implementing CA-02 in a manufacturing & industrial environment, consider:

• **Regulatory requirements**: iso27001, nist-800-53, cis may mandate specific configurations
• **Risk tolerance**: Manufacturing & Industrial organizations typically have moderate to low risk tolerance
• **Audit frequency**: Plan for regular compliance reviews
• **Documentation**: Maintain detailed records for regulatory inspections

To implement CA-02 in your Microsoft 365 environment:

• A Conditional Access policy targets the Directory Roles condition
• Policy includes all privileged administrator roles
• MFA is required on every sign-in (not just from untrusted locations)

TrueConfig can automatically remediate this control with one click.