August 19, 2024 at 09:43AM
Microsoft is ramping up account protection in Azure with mandatory multi-factor authentication (MFA) starting in October. This move aims to enhance security and will gradually apply to all tenants. Microsoft is notifying customers in advance and offers various MFA options. The tech giant emphasizes the effectiveness of MFA in preventing account compromise.
From the meeting notes, key takeaways are:
– Microsoft will be implementing mandatory multi-factor authentication (MFA) for all Azure sign-ins, starting with a gradual rollout in October 2022 and full enforcement for all Azure users from the second half of 2024.
– The enforcement will start with Azure portal, Microsoft Entra admin center, and Intune admin center, followed by other services in early 2025. Notably, this phase will not impact certain Azure clients such as Azure Command Line Interface, Azure PowerShell, Azure mobile app, and Infrastructure as Code (IaC) tools.
– Notifications regarding the enforcement and required actions will be sent to Entra global admins through various channels, including email, Azure Service Health Notifications, and the Azure portal.
– Microsoft is considering extended timeframes for customers with complex environments or technical barriers that may require additional time to prepare for the change.
– Implementing MFA for Azure sign-ins is part of Microsoft’s commitment to improving user security, reducing the risk of account compromise and data breaches, and helping customers comply with security standards and regulations.
– MFA options for organizations include Microsoft Authenticator, FIDO2 security keys, certificate-based authentication using personal identity verification (PIV) and common access card (CAC), passkeys, and the less secure SMS or voice approvals.
The related articles provided in the notes highlight the significance of MFA in combating cyber threats and the efforts of other cloud service providers in enhancing authentication and malware protection.