First published on CloudBlogs on Mar 17, 2016
To put this Azure AD usage into perspective, here are a few key data points:
- A minority of the 8.24m tenants have user accounts.
- But, because they are comparatively large, those tenants account for 91% of all the identities in Azure AD.
- Of those larger accounts, just 4% use a 3rd party or homegrown solution to keep their identities in sync with their on-premises AD ( g. Okta, Ping, etc.).
- Only 3% of those authentications are completed by a 3rd party identity service, 3rd party federation server or custom solution.
- Don’t believe anyone who tells you that your best option is to use a 3rd party solution ( g. Okta, Ping) because “everyone is doing it.”
- Everyone is definitely not “doing it” – it is a very small minority.
How MFA works is simple:
- When you need access to a resource you ask Azure AD for access.
- Azure AD then prompts you to authenticate.
- When you do successfully authenticate, you’re then prompted to provide one or more additional factors of authentication before the authentication is completed.
- These additional factors can be a phone call, a text message with a code you then enter, or a code you enter provided by the Azure Authenticator app on your device.
- This provides maximum flexibility while being much easier to roll out than a second “hard factor” such as a token or smart card.
- This second factor of authentication should be a core component of your security moving forward. With MFA, you can block an attacker from accessing corporate content even if they have a valid username and password.
Additional Resources:
- Watch an Azure AD + Identity episode : Azure AD Domain Services Preview
- Get in-depth training : Active Directory Core Skills
-
Watch a how-to
:
Configure Multi-factor authentication for MDM
- Launch the corresponding Virtual Lab
- Explore the TechNet Library : Protect Windows devices with multi-factor authentication
- Get hands-on : Enterprise Mobility Suite trial
- Download analyst insights : IDC Technology Spotlight: Securing Productivity in the Borderless Enterprise
Published Sep 08, 2018
Version 1.0Brad Anderson
Iron Contributor
Joined September 06, 2018
Microsoft Security Blog
Follow this blog board to get notified when there's new activity