Earlier this year, the PCI Security Standards Council unveiled strong encryption and Multi-Factor Authentication (MFA) requirements as part of its Payment Card Industry Data Security Standard 3.2. The PCI Security Standards Council is an organization founded by the major credit card companies to develop, enhance, disseminate and assist with the understanding of security standards for payment account security in an effort to better protect credit card holder data. The newly released standards require companies to enforce encryption and MFA on all remote access and admin-level access to the cardholder data environment. The focus of PCI DSS 3.2 on encryption and MFA reveals increasing industry understanding in the importance of these capabilities to secure and protect modern business. At Okta, we see this need for MFA extending beyond just the payment card and financial industries. Most database security breaches involve the use of stolen or compromised login credentials. MFA is one.