THANK YOU Microsoft.
This change has been long awaited.
Have you informed partners like Coreview about this change? Today they are using a service account to log in to the tenant, which means they need to move to a service principal in less than two months, and this applies to all their clients.
I like the idea of killing service accounts, which most of the time are just admin accounts, but the timeframe is pretty short here and it may be challenging.
If you want my point of view: start by giving customers more transparency on Secure Score in Defender. There are a lot of Entra-related controls there and none of them provide a view of the exposed entities.
You want to improve MFA for Azure? Show non-compliant logins in a simple view.
Want to go cloud-only for administrators? Provide a list of the non-compliant accounts, not just a score that says compliant or not without details.
That is how clients can improve their tenants: they need those scores, but they also need transparency on the scoring to know where it fails.