Description
- Type: CUSTOMER
- Severity: CRITICAL
- Protection against: SOCIAL ENGINEERING
- CIS: M365 1.1.1 - (L1) Ensure multifactor authentication is enabled for all users in administrative roles
- Fix Available: YES
This Customer Check verifies via Secure Score whether all administrators have Multi-Factor Authentication (MFA) enabled.
Why this check?
With Multi-Factor Authentication, an individual is forced to use at least 2 different methods of authentication before access is granted. This provides more certainty about whether the person is truly who they claim to be. It makes it very difficult, if not impossible, for an attacker who has gained access to a password (via phishing, malware, or leaked data, for example) to log in. This form of authentication should at least be enabled for users with administrative rights because these individuals have access to sensitive data and systems and are therefore a major target for attackers.
CIS Benchmarks
This measure is in line with the following item from the Center for Internet Security (CIS) Microsoft 365 Foundations Benchmark:
- CIS M365 1.1.1 - (L1) Ensure multifactor authentication is enabled for all users in administrative roles
What possible outcomes does the check have?
This check has two possible outcomes. In Attic, this is reflected as follows:
- Okay: Multi-Factor Authentication is enabled for all administrators
- Critical: There are administrators in the tenant for whom Multi-Factor Authentication is not enabled
How should this be followed up?
If the output is Critical, we advise enabling Multi-Factor Authentication for all administrators.
A Fix is available for this check, which we will offer via Attic.