Forum Discussion

Brass Contributor

Sep 16, 2020

Create Policy for MFA non-compliance - Require MFA for administrative roles

We are using AATP and when we review our Secure Score(security.microsoft.com) one of the action items is to "Require MFA for administrative roles". We have setup MFA but not sure what this is coming...

PeterRising

MVP

Sep 17, 2020

SergioT1228

Hi, this is not something you configure using ATP. Instead, you need to look at Azure AD Conditional Access. You can enforce MFA based on roles. Just be careful not to lock yourself out of your tenant,and exclude your permanent break glass accounts.