How the Azure MFA requirement will affect your organization
September 30, 2024 •
As security threats continue to evolve, Microsoft has updated its policies to introduce an Azure Multi-factor authentication (MFA) requirement that will ensure stronger identity and access management protection for administrator and user accounts. MFA is a proven tool to prevent cyber attacks and protect accounts from unauthorized access.
In this post, we’ll explore what these new requirements entail, why they’re important, and how you can implement them to safeguard your organization’s data and resources.
What is the new Azure MFA requirement?
The new Azure MFA requirements will be deployed in two stages.
The first stage will begin in October of 2024, and enforce multi-factor authentication as a requirement to sign in to administrator accounts that use the following Microsoft Azure services:
- Azure Portal
- Microsoft Entra admin center
- Intune admin center
This requirement will affect organizations worldwide and will be slowly rolled out in batches until the end of the year.
The second stage will begin early in 2025, and extend the requirement further to the following Microsoft services:
- Azure Command Line Interface
- Azure PowerShell
- Azure mobile app
- Infrastructure as Code (IaC) tools
Customers with complex environments and technical barriers may be provided with additional time to roll out this requirement.
Why has this new MFA requirement been introduced?
The Azure MFA requirement has been introduced as part of Microsoft’s Secure Future Initiative (SFI). Key actions as part of this initiative include implementing rapid and automatic rotation of identity infrastructure keys with hardware security, strengthening identity standards across all applications, and ensuring all user accounts are protected with phishing-resistant multi-factor authentication.
MFA has been proven to reduce account compromise attacks by up to 99.2%. It is also a key requirement in many compliance standards, including the Payment Card Industry Data Security Standard (PCI DSS), Health Insurance Portability and Accountability Act (HIPAA), General Data Protection Regulation (GDPR), and more.
Enforcing the use of MFA on all Microsoft Azure services will make it easier for many organizations to easily meet these compliance standards and protect unauthorized account access.
How to meet the new Azure MFA requirement easily with LoginTC
LoginTC has been a longtime partner with Microsoft to ensure simple, strong, and well-supported MFA is available to organizations of all sizes and in any industry.
Most recently, LoginTC was made an Entra ID External Authentication Methods (EAM) provider. This allows administrators to natively integrate LoginTC with Entra ID and other Microsoft online applications.
LoginTC is also available as an alternative to the Azure MFA Server, an on-premises version of Microsoft’s MFA solution that is deprecated as of September 30, 2024. By switching to LoginTC, customers can choose a cloud deployment that integrates with an existing on-premises AD FS server, or go fully on-premises with LoginTC Managed.
Organizations can also leverage phishing-resistant FIDO2 authentication for browserless services like Windows Logon and Remote Desktop using LoginTC. This cutting edge approach to MFA means that strong authentication is available at your organization anywhere there is a username and a password.
Try LoginTC with Microsoft Azure today
Meeting your organization’s MFA needs and requirements doesn’t have to be hard. With LoginTC, you get access to the tools, policies, and support that your organization needs to be compliant and secure.
LoginTC is the perfect partner with your Microsoft services to ensure complete protection at all access points.
You can start a free trial today, with no credit card required, or reach out to our MFA implementation team to learn more.