Research indicates that Multifactor Authentication (MFA) can block more than 99% of account compromise attacks. For this reason, in the Q4 of 2024, Microsoft began requiring MFA for all their cloud services, including Azura, Entra Admin Center, and Intune Admin Center. On February 3, 2025, Microsoft began requiring MFA for the M365 Admin Center and requests all M365 user accounts have MFA implemented by September 2025.
What Do You Need To Know:
- In February 2025, Microsoft began moving M365 MFA to a new platform. This includes policy changes. The changes are mainly invisible to the end users, but we have seen some anomalies that result in the authenticator-generated code not working. When this happens, the end user will need to choose a new MFA method.
- There are multiple methods for receiving an authentication code for MFA. These include authenticator applications, text messages, and phone calls. You should choose the method that works best for the end user.
What You Need to Do:
-
- Start planning on implementing MFA for all end users now by talking about which method will work best for your end users’ MFA code generation.
What DCR Is Doing:
- DCR proactively implemented MFA for all global administrator accounts for companies that were clients prior to Q4 2024.
- At that time, we also removed global administrator rights from user accounts that did not need that level of access.
- In March 2025, we will convert our own M365 MFA to the new platform.
- In April 2025, we will begin contacting our clients to discuss your MFA implementation or migration. We will assist you, as needed, with ensuring your M365 MFA meets the recommended security standards.
Our engineering team looks forward to working with you. Please do not hesitate to contact me with questions or concerns.