Fusion's default Adaptive MFA policy is automatically assigned on a per-Application basis and is in use from the moment that you start using the Fusion, i.e. there is nothing that you need to do to ensure that you're using some best-practice security for your customer accounts.