NY DFS Part 500 requires MFA for all privileged accounts (with limited CISO-documented exceptions), annual review of all privileged account access, implementation of least-privilege principles, and monitoring of privileged account activity. Class A companies must also implement privileged access workstations or equivalent controls. Privileged account management is one of the most scrutinized areas during DFS examinations.
Keep Exploring
References