Corporate MFA guidance

Hello fellow redditors,

I'm a lone systems engineer for a small growing biz. I'm trying to throw together a proposal to implement MFA. I need your guidance!

I'm torn between recommending App authentication or OTP hardware token.

The App seems strong, but our legal team said we will need to offer cell phone reimbursement to all our staff if we require their phones for work- estimated at $40 per employee per month.

The other option is Hardware Tokens, roughly $20 …

corporate cybersecurity guidance mfa