Dive Brief:
- Microsoft will require multifactor authentication for all customers to sign in to the Azure portal, the Microsoft Entra admin center and the Intune admin center starting in October, the company said in a Thursday blog post.
- The company began sending 60-day notices on Thursday to all Entra administrators impacted by the change. Microsoft said it will review requests for additional time to implement mandatory MFA from customers with complex environments or technical barriers.
- Microsoft will phase in MFA at sign-in for Azure Command Line Interface, Azure PowerShell, Azure mobile app and infrastructure as code tools in early 2025, the company said.
Dive Insight:
The MFA mandate is part of Microsoft’s Secure Future Initiative, an effort the company started in November to overhaul its cybersecurity strategy by integrating key security features into its platforms and services.
Microsoft CEO Satya Nadella doubled down on the company’s commitment to advance cybersecurity protection in April, making security the top priority after a withering report from the federal Cyber Safety Review Board criticized the company for prioritizing speed to market over security.
MFA adoption in enterprises remains a sticking point and a key difference maker in potentially preventing catastrophic attacks.
Two of the nation’s most damaging cyberattacks this year — a February ransomware attack against Change Healthcare and a wave of attacks targeting more than 100 Snowflake customers — were attributed to systems without MFA.
Microsoft’s cloud platform Azure serves as the backbone for the infrastructure, compute and services it provides to customers. Microsoft, the second-largest hyperscaler behind Amazon Web Services, ended the second quarter with a 23% share of the cloud infrastructure services market, according to Synergy Research Group.
Microsoft’s MFA mandate on Azure is firm, but the company is being flexible with the types of MFA customers can use to meet the requirement.
Customers can use Microsoft Authenticator, FIDO2 security keys, certificate-based authentication, passkeys and text message or voice-based approval to enforce MFA through Microsoft Entra, the company said.