How would you manage roles, policies, and multi-factor authentication in a multi-tenant environment at Moody's?