1. Even if they trust you, they might not be willing to extend that trust to non-technical staff (or even non-infra staff) and having a global policy is the easiest.
2. Even if they trust you, your employer's customers definitely don't, and a lot of big contracts will have security exhibits that explicitly require MFA if you're handling their data.
No comments yet.