As part of Microsoft’s ongoing efforts to keep businesses secure, the company announced it would begin requiring multifactor authentication (MFA) for Azure portal, Microsoft Entra admin center, and Intune admin center as of October 15, 2024. What do these new Microsoft MFA requirements mean for managed service providers (MSPs) and their clients? Read on to learn more.
What is multifactor authentication (MFA)?
MFA is a critical security measure that adds an extra layer of protection to your Microsoft 365 accounts. By requiring two or more verification methods—something you know (like a password), something you have (like a phone or security key), or something you are (like a fingerprint or face recognition)—MFA ensures that even if one credential is compromised, unauthorized users are prevented from accessing your account.
Where will Microsoft be requiring MFA?
Microsoft is now requiring that MFA be in place for anyone signing into the Azure portal, Microsoft Entra admin center, and Intune admin center. To ensure your clients and their users can maintain access, you’ll need to enable MFA by October 15.
Why is Microsoft making this change?
Microsoft has made security a core tenet of its philosophy. Its Secure Future Initiative aims to have its products secure by design to protect users, systems, and data.
In line with this philosophy, MFA for Microsoft 365 (M365) provides:
- Enhanced security: MFA significantly reduces the risk of unauthorized access to your data and applications, as attackers would need to compromise multiple authentication factors.
- Compliance: Many industry regulations and standards require MFA as part of their security requirements. Implementing MFA can help your organization stay compliant.
- User convenience: With options like the Microsoft Authenticator app, users can quickly and easily approve sign-in requests, making the process both secure and user-friendly.
- Adaptability: MFA supports various methods of authentication, allowing flexibility for users to choose the most convenient option for them.
- Reduced phishing risk: MFA can protect against threats such as phishing attacks, as the additional authentication factors are not as easily obtained by attackers as a password might be.
Implementing MFA is a straightforward yet powerful step in securing your M365 environment against potential threats.
“It’s like fastening your seatbelt when you get into your car—it’s the minimum you should be doing to keep yourself safe,” says Maddie Cupchak, Security Solutions Marketing Manager at Pax8.
How do I enable MFA?
For a detailed guide on setting up Microsoft Entra MFA, you can refer to these instructions. And, if you ever need additional information, like how to reset or change your MFA settings, check out this helpful resource. You may also explore all our MFA solutions in the Pax8 Marketplace.
What else should I know about this change?
Enabling MFA is part of establishing a strong overall security posture. For more help on the basic security features you should enable for your clients, read our guide.
Need help? Contact our support team to get help with MFA implementation, so you can ensure your clients maintain access to all their programs and data.