Microsoft
MicrosoftITEric "security lasagna" - hahaha. That's a good one, first time I hear it.
Yeah, totally, we have to put as many security measures in place as we can, that's why I'm not crazy about this.
We just now implemented MFA. A little late, yes. I fail to see how MFA could stop any misuse of this new Teams feature, though.
I'm also troubleshooting with my provider, Okta, the fact that MFA does not work at all for desktop Microsoft applications, but that's a matter for a different conversation.
About spoofing a MFA portal - except for desktop apps, if my users go web-based they (we) need to accept the authenticator challenge. I see that as pretty bullet proof. Hopefully...
I am not leveraging Azure AD at all. I should, I guess.
Remember the times when everyone was in the office and all traffic would go through a solid firewall? Those were the times. Ha.
Nice talking with you too!
