Strengthening security: Microsoft’s mandatory MFA initiative

Sarah Van De Vyver

Safeguarding digital assets is a paramount concern for every organization, especially as cyber threats become increasingly sophisticated. In response, mandatory multi-factor authentication (MFA) is gaining traction with companies like Microsoft leading the way.

To start, Microsoft announced that it is mandating MFA for all Azure user sign-ins. This mandate is part of Microsoft’s broader Secure Future Initiative, which is enforced by the Microsoft Entra Admin Center. It underscores the critical need for enhanced security measures in today’s digital landscape. Since MFA can stop over 99.2% of account compromise attacks, this step is vital for fortifying organizational defenses.

Mandatory MFA is a game changer for organizational security. As organizations weigh their MFA options, it's crucial to understand all MFA components.

The difference between traditional and phishing-resistant MFA

Traditional MFA methods rely on the user retrieving a one-time code from an email account, a voice call, or an SMS message. While this adds an extra layer of security, the user can still be vulnerable to phishing attacks: attackers can trick users into revealing their authentication codes, often by mimicking legitimate services.

In contrast, phishing-resistant MFA, such as FIDO2 keys or hardware tokens, implements more secure methods that are less susceptible to interception. FIDO2 leverages public key cryptography to ensure that authentication is tied to the legitimate service and cannot be intercepted or reused by attackers. This provides a much stronger defense against credential theft because it eliminates the risks associated with traditional MFA methods.

DIGIPASS FX: Phishing-resistant security for your entire workforce

With phishing attacks surging by 58.2% in 2023, they remain one of the most common methods cybercriminals exploit. This raises the question of how to balance security and user convenience when setting up MFA solutions.

This is where DIGIPASS FX, OneSpan’s line of FIDO2 hardware authenticators, becomes a pivotal tool in your security arsenal. Unlike traditional password-based authentication, FIDO2 standards ensure that authentication is secure, resistant to phishing, and free from the vulnerabilities of password reuse or weak credentials.

Additionally, phishing-resistant DIGIPASS authenticators eliminate passwords, ultimately simplifying the customer experience.  

DIGIPASS FX ensures that the authentication method is both secure and user-friendly. This reduces the burden on users, who no longer need to remember complex passwords. For organizations, this translates to a lower likelihood of security incidents while maintaining a frictionless experience for employees.

Protecting all levels of access, from admins to the entire workforce

While Microsoft’s mandatory MFA enforcement initially targets administrators, every member of an organization’s workforce is a potential target for cyberattacks. Cybercriminals often exploit any weakness in an organization’s defenses, making it crucial for all users—not just those with high-level access—to adopt strong security measures.

DIGIPASS FX authenticators help protect access for everyone, from executives to entry-level employees. Whether an administrator is accessing critical infrastructure or an employee is logging into their daily applications, DIGIPASS FX FIDO2 keys deliver the same high standard of security.
These devices mitigate the risk of credential theft and unauthorized access, creating a more secure environment for all users. They not only enhance individual account security but also strengthen the organization's overall cybersecurity posture.

DIGIPASS FX passkeys also integrate effortlessly with Microsoft Azure’s MFA security framework, making them ideal for organizations preparing for Microsoft’s required MFA. The compatibility with FIDO2 standards means organizations can deploy them across a range of applications beyond Azure, as well.

This offers a consistent and secure authentication experience across your entire digital ecosystem and gives your organization a future-proof investment. As your organization’s security needs evolve, DIGIPASS FX will continue to provide reliable protection.

Embracing a secure and convenient future

Microsoft’s enforcement of mandatory MFA for all Azure portal sign-ins shows the direction the industry is heading. The need for secure, phishing-resistant, and user-friendly authentication solutions has never been greater.

DIGIPASS FX authenticators offer a powerful way to meet these challenges head-on. They provide organizations with confidence that they are fully protected against the evolving threat landscape.

By prioritizing security across the entire workforce, organizations can foster a culture of vigilance and responsibility. Discover how DIGIPASS FX can strengthen your organization's security culture.


Sarah is Product Marketing Manager at OneSpan and responsible for OneSpan’s FIDO, hardware and server solutions. She has over 15 years of experience in ICT and Communications and held previous positions within OneSpan’s Corporate Communications department.