- MFA is crucial for identity and access management, ensuring only authorized users can access services and resources.
- The rollout is initiated from the Azure portal and extends to PowerShell and Terraform, excluding Azure-hosted apps, websites, or services.
- Admins can customize MFA requirements via Entra ID Conditional Access policies and track adoption and status with dedicated reports and tools.
Microsoft has announced that multi-factor authentication (MFA) will be mandatory for all Azure users starting in July 2024. This change is part of the Secure Future Initiative, which aims to strengthen security and prevent data breaches.
Naj Shahid, principal product manager, Microsoft Azure, explained that the new initiative addresses customer concerns about security. The rollout will initially focus on Azure admins and eventually extend to PowerShell and Terraform users. End users will only be impacted if they log in to the Azure portal, PowerShell, or Terraform to administer Azure resources. Automated token-based accounts are also exempt from these changes.
Multi-factor authentication adds extra steps to the login process, requiring users to provide multiple forms of identification such as passwords, PINs, phone authentication, tokens, fingerprints, or facial recognition. This helps block phishing and brute-force attacks, making it difficult for attackers to steal data and compromise accounts. Microsoft Entra ID offers flexible MFA options such as Microsoft Authenticator, SMS, voice calls, and hardware tokens. Admins can tailor MFA settings based on user signals such as location, device, role, or risk level.
See more: Microsoft Sends Out Warning about Growing Threat of Gift Card Fraud
Microsoft has revealed that 99.9% of compromised accounts did not use MFA, while MFA stopped 99.2% of attacks. With remote work on the rise, MFA provides an essential layer of security against unauthorized access from unknown or suspicious sources.
Thanks to MFA, only authorized users can access resources, which is crucial for identity and access management. Microsoft’s Secure Future Initiative enhances identity protections like MFA at the tenant level. This helps prevent breaches and meets security standards such as PCI DSS, HIPAA, GDPR, and NIST. The company encourages users to enable free MFA at the tenant level using a simple MFA wizard for Microsoft EntraOpens a new window .
MORE ON SECURITY
Pragati is an enthusiastic content creator who enjoys experimenting with different technologies. She specializes in creating engaging content on topics like data, AI, cloud computing, cybersecurity, and MarTech. Pragati's writing skills, combined with her love for painting, social work, dancing, and cooking, bring a unique perspective to her work. She is passionate about transforming complex technical information into accessible and captivating content that resonates with her audience.