fbpx

CA-SD01: Require multi-factor authentication for admins

Introduction

Require multi-factor authentication for privileged administrative accounts to reduce risk of compromise.
This policy will target the same roles as Security Default

Targets

Standard Tenant Administrator Roles

User Impact

MEDIUM

This policy will specifically target Tenant Administrators to enforce MFA

Basics

Template Category: Identity Protection (Security Defaults)

Assignments

Includes
Directory Roles
– Global administrator
– Application administrator
– Authentication administrator
– Billing administrator
– Cloud application administrator
– Conditional Access administrator
– Exchange administrator
– Helpdesk administrator
– Password administrator
– Privileged authentication administrator
– Privileged role administrator
– Security administrator
– SharePoint administrator
– User administrator
Excluded– None

Cloud Apps or actions

Cloud Apps– All apps

Access Controls

Grant

Grant– Require multi-factor authentication

Get Started!

The first three tenants are free! No credit card required.

Sign Up