Microsoft has pledged to invest $20 billion in security over the next five years and has committed to enhancing the security of its services in 2024. Microsoft is introducing mandatory multifactor authentication (MFA) for all Azure sign-ins. This move, scheduled to roll out in 2024 as part of the Secure Future Initiative (SFI), aims to bolster security measures and protect digital assets from increasing cyberattack threats.
Microsoft's SFI emphasizes the importance of protecting identities and confidential data, aligning with the industry's best practices to mitigate the risk of unauthorized access. With mandatory MFA, Microsoft Azure is driving the adoption of robust security standards, user authentication, and authorization processes.
Research conducted by Microsoft shows that MFA can effectively block over 99.2 percent of account compromise attacks, making it a powerful first line of defense in the fight against cybersecurity threats. By enforcing MFA for Azure sign-ins, Microsoft is taking a proactive approach to mitigate risks and ensure compliance with industry security standards and regulations such as Payment Card Industry Data Security Standard (PCI DSS), Health Insurance Portability and Accountability Act (HIPAA), General Data Protection Regulation (GDPR), and National Institute of Standards and Technology (NIST).
How Mandatory MFA For Azure Impacts You
For Azure partners, preparing for the mandatory Azure MFA rollout is essential to avoid disruptions to business operations. Starting in October, the phased enforcement provides partners with a timeline to plan and implement MFA for the Azure portal, the Microsoft Entra admin center, and the Intune admin center. Then, in early 2025, enforcement will extend to include the Azure Command Line Interface, Azure PowerShell, the Azure mobile app, and Infrastructure as Code (IaC) tools.
From Microsoft Authenticator to FIDO2 security keys, certificate-based authentication, passkeys, and voice authentication, partners have a range of tools at their disposal to enhance the security of Azure sign-ins and protect against phishing attacks.
For both phases, Microsoft will notify global admins of the expected enforcement date for their tenant(s) by email and through Azure Service Health Notifications, 60 days in advance.
Take A Proactive Approach Towards Cybersecurity
Stay ahead of the curve and embrace the future of Azure security with mandatory MFA. Your proactive approach to cybersecurity will protect your clients' data and reinforce your reputation as a trusted Azure partner committed to safeguarding digital assets in an increasingly complex threat landscape.
For more insights and guidance, please review the MFA FAQ on Microsoft Learn or refer to this documentation. You can learn more about Microsoft SFI and Microsoft’s built-in security features here.