MFA on Azure AD
So far, all employees at Acme have been using only passwords to authenticate to enterprise applications protected by Azure AD SSO.
Acme’s management has read the following information: “MFA can block over 99.9 percent of account compromise attacks” (https://www.microsoft.com/security/blog/2019/08/20/one-simple-action-you-can-take-to-prevent-99-9-percent-of-account-attacks/).
Research shows that passwords are used in more than one account by the majority of users. As password leaks become more and more frequent, security experts recommend the use of at least two factors of authentication for most enterprise accounts (https://techcommunity.microsoft.com/t5/azure-active-directory-identity/your-pa-word-doesn-t-matter/ba-p/731984).
The US government also mandates the use of MFA by all of its agencies for authenticated access to federal systems by agency staff, contractors, and partners (https://zerotrust.cyber.gov/federal-zero-trust-strategy...
