The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) recently released a new 31-page document outlining best practices for identity and access management (IAM) administrators. The most secure types of MFA include fast identity online (FIDO) and public key infrastructure (PKI).