Microsoft is set to commence the rollout of security defaults across all tenants that either lack multi-factor authentication (MFA) or utilise per-user MFA security.
Organisations must enable MFA when accessing any Microsoft cloud portal or account (such as Outlook or Microsoft 365).
The rollout is scheduled to begin shortly and will elevate the security baseline of organisations using Microsoft services.
Why Is Microsoft Mandating MFA Security?
The implementation of these security defaults is a significant step towards enhancing the security of cloud tenants. By mandating MFA, Microsoft aims to protect users from potential security breaches that could arise from compromised passwords. MFA provides an extra layer of verification, making it significantly harder for unauthorized individuals to gain access to sensitive information.
What Will Happen When Security Defaults Are Implemented?
- Mandatory MFA Registration: Once the security defaults are implemented, every user within the organisation must register for MFA within 14 days. This crucial step ensures that all accounts have an additional layer of security.
- MFA Setup Prompt: Users will encounter a prompt to set up the Microsoft Authenticator app when signing into their accounts. This prompt allows users to get started with the app immediately or defer the action temporarily. However, after the 14-day window, the option to defer will be removed, necessitating immediate setup.
- Installation and Registration: Users should install the Microsoft Authenticator app on their mobile devices and register their accounts.
Akita will support all of its customers in the rollout of Microsoft MFA solutions and can assist other organisations who get in touch.
Why Implement MFA?
MFA is vitally important for protecting against cyber threats.
With the rise of AI-powered threats password-only security can be compromised in seconds and is therefore no longer sufficient. MFA therefore adds a critical layer of defence by requiring additional verification methods, such as a code generated by an authenticator app or a text message.
This means that even if a password is compromised, unauthorised access is still unlikely without the second form of authentication. It is thought in this way that MFA can stop over 99% of password-based attacks.
Next Steps For Organisations
Implementing MFA is an important step to potential security risks. Akita can support organisations with the deployment of Microsoft’s MFA solutions and any necessary security policy configuration.
We can also assist with strengthening organisations’ wider cyber security stance, including deploying broader MFA solutions to protect servers, applications and finance systems.
For more information about MFA security measures or wider cyber security services, please get in touch:
Contact Us