Enforcement of MFA
Multi-factor authentication (MFA) isn’t a new concept. We’ve probably all been using it for a while now, or if you haven’t and have been bypassing MFA, you are likely to be aware of its existence. However, starting on October 15 this year, Office 365 MFA will become mandatory for all Microsoft Azure logins.
This enforcement is part of Microsoft’s investment in cybersecurity and to ensure Azure accounts are protected against phishing and hacking attempts.
While it’s becoming a mandatory feature, there will be an option to postpone the enforcement date until 15 April 2025, but it must be done before 15 October. It is recommended, though, that all users of the Cloud-based platform set up MFA now to safeguard their files. By delaying the process, there is a high risk of attack.
MFA will also be required to access Windows 365 Cloud PC via the Intune Admin Centre. Going forward into 2025, there will be a staggered rollout of MFA requirements for accessing Azure PowerShell, CLI, mobile app, and Infrastructure as Code (IaC) tools.
Microsoft is committed to the security of its users. A study found that MFA provides vital protection for user accounts against cyberattacks.
“Our findings reveal that MFA implementation offers outstanding protection, with over 99.99% of MFA-enabled accounts remaining secure during the investigation period. Moreover, MFA reduces the risk of compromise by 99.22% across the entire population and by 98.56% in cases of leaked credentials.”
You can read the full report here.
If MFA is not enabled before the deadline, and there is no request to delay enforcement, users will be prompted to set up MFA before they next sign into the platform.
Users will have the option of how they choose to utilise MFA, for example, a push notification, biometrics, authenticator app, or one-time passcodes.
If you’re a Microsoft Azure or Office 365 user in the Crawley, Gatwick or West Sussex region and you would like to discuss MFA in more detail or have any queries about the upcoming changes and implications, please get in touch.