25.06.2024
We would like to inform you that Microsoft will introduce additional tenant-level security measures requiring multi-factor authentication (MFA) from July 2024. This measure is intended to provide additional protection and secure your cloud identities and company data.
Importance of MFA
MFA is a security method that provides one or more authentication methods in addition to user credentials before users gain access to a service or resource. This increases security beyond the usual username-and-password authentication and makes it more difficult for attackers to compromise accounts. According to a Microsoft report, 99.9% of compromised accounts were not protected by MFA. MFA can prevent more than 99.2% of account attacks, making it one of the most effective security measures available.
Step-by-step introduction
Microsoft will introduce the MFA requirement gradually and methodically in order to minimise the impact on your use cases. Communication about specific rollout dates will be through direct emails and notifications in the Azure portal. Our aim is to inform you of all important changes in good time.
How does MFA work?
Multi-factor authentication requires users to provide two or more pieces of evidence to verify their identity. This can be something the user knows (like a password or PIN), something the user has (like a phone or token), or something the user is (like a fingerprint or facial scan). Entra ID supports various MFA methods such as the Microsoft Authenticator app, voice calls and hardware tokens. Administrators can also use Entra ID Conditional Access policies to determine when MFA is required based on signals such as the user's location, device, role or risk level.
Why is MFA important for the security of Azure tenants?
Given the increasing frequency, sophistication and harmfulness of cyberattacks, the need for MFA is greater than ever. The rise of the hybrid workplace and the accelerated digital transformation of organisations due to the COVID-19 pandemic have expanded the risk scenarios for employees and businesses. MFA can mitigate these risks by adding an extra layer of verification and preventing access from unknown or suspicious sources.
Do you have any questions on this topic? Feel free to contact our experts.
Marvin Hitzfeld | +49 (541) 1395-94 | it-infrastruktur[at]tso[dot]de
Jannis Wolke-Hanenkamp | +49 (541) 1395-14 | it-infrastruktur[at]tso[dot]de