Protecting sensitive data is essential for any organization; it forms the foundation of your business security. If your organization uses Microsoft 365, make sure you enable Multifactor Authentication (MFA) for your admin portals. There are, in fact, some major changes in the pipeline.
Starting October 15, 2024, Microsoft is introducing a new security measure. This measure will require administrators to use MFA when accessing the Microsoft Azure portal, Microsoft Entra admin center, and Microsoft Intune admin center. This also applies to all services accessed through the Intune admin center, such as Windows 365 Cloud PC. Without MFA, your administrators will be denied access to these critical systems.
'Your team needs to understand why MFA is needed.'
‐ René Vlieger, Microsoft 365 Consultant at Centric
More than a technical requirement
While the technical implementation of MFA is essential, it is only the beginning. Implementing MFA also requires a critical look at the underlying processes within your organization. It is not enough to simply enable MFA; it needs to be embedded in your team’s daily work. This requires clear procedures and continuous monitoring to ensure that MFA is used and maintained correctly. In addition, awareness is essential. Your team needs to understand why MFA is needed. And what role they play in protecting the organization. This goes beyond simply following instructions: it means that everyone is aware of the risks and the impact a breach could have on the organization.
What does this mean for your organization?
If MFA is not enabled after October 15, 2024, your administrators will be required to set it up before they can access the Azure, Entra, or Intune portals. Failure to implement MFA by this date could result in restricted access for your administrators. This can seriously disrupt the daily operational continuity of your organization.
What should you do?
Enable MFA now: Don’t wait until the last minute. Ensure MFA is set up immediately so that your administrators can continue to access critical systems without interruption.
Defer if necessary: If you can’t meet the deadline, consider requesting an extension. However, this should be a last resort. By delaying your MFA implementation, you expose yourself to additional risk.
The October 15, 2024 deadline is fast approaching, and the consequences of inaction are severe. Enabling MFA is a simple but powerful step to strengthen your organization’s cybersecurity. Don’t leave your admin accounts vulnerable but take action today to protect your organization.
Contributor(s)
René Vlieger works as a Microsoft 365 consultant at Centric. He specialises in cloud technology and helps organisations with their digital transformation. His passions lie in increasing productivity, strengthening governance and security measures, ensuring compliance and promoting seamless adoption of new technologies.
