You probably know that cybercriminals are using more sophisticated methods to steal your confidential information. They’ve adjusted their hacks from trying to directly access your device or system using phishing attacks, Trojans or ransomware, to attacking web applications like Microsoft Office 365.
For this reason, we recommend that you protect your Office 365 application with Multi-Factor Authentication (MFA).
MFA has been available for Office 365 administrators since June 2013, and now it’s available for all Office 365 users. Microsoft has added MFA for users of Office 365 Midsize Business, Enterprise plans, Academic plans, Nonprofit plans, and standalone Office 365 plans, including Exchange Online and SharePoint Online. If you have a subscription for one of these, administrators can now enable MFA for your users without requiring any additional purchase or subscription.
MFA increases the security when you log into Office 365, or any web-based application. When you log in and enter your password, you’ll be required to acknowledge a phone call, text message, or an app notification on your smartphone. Once you do, you can then sign into Office 365.
If you think you don’t need MFA for your Office 365 account, please read on.
Today we’re prone to multiple sources of intrusion due to the number of connected devices and applications we use. And Office 365 is now available for your desktop, laptops, tablets, and smartphones.
As you know, with Office 365 you can seamlessly share content, data, and confidential information between your devices (and with others). If your Office 365 gets infected with a virus, cybercriminals can essentially access all of your files and get into your network. You need MFA to combat this.
Still not convinced? Ask yourself these questions:
If you do, there’s no doubt that you need to use MFA. If you’re like most people, your mobile devices are your primary communication tool. And many use them as productivity tools to access their Office 365 resources. If so, you probably keep a lot of your personal and work information on these devices. Another reason why MFA is a must.
Microsoft’s built-in MFA security system, named Azure Multi-Factor Authenticator, requires you to enter more than your password. You must use a verification process through one of the following:
When you sign in to Office 365, you’ll get a message asking for your MFA. Here’s what will happen.
For more information, the next time you log in to your Office 365 account, click on the “Set up” or “Learn More” links next to the “Set MFA requirements” in the Active Users list, or contact your IT administrator. Or, you can visit the Office 365 Trust Center for more information about MFA.
Info for Administrators
Office 365 provides MFA capabilities to provide an extra layer of security. It’s managed from the Office 365 admin center. Office 365 also offers the following subset of Azure MFA capabilities as a part of the subscription:
Note: You must be a global administrator to manage these tasks.
Here’s how administrators can configure MFA for Office 365:
The next time you log in to your Office 365 account as an administrator, click on the “Set up” or “Learn More” links next to the “Set MFA requirements” in the Active Users list. Or you can find more info here.
We highly recommend that you use MFA for Office 365, or any web application. The criminals are out there always searching for the “door” into your data. You must protect it.