Forum Discussion
Requirement: Users with administrative roles in the customer tenants must use MFA
Response from the team: :)
How do I achieve a passing security score?
To achieve a passing security score, partners must complete the following mandatory security requirements:
- Enable MFA for all administrative roles (on the partner CSP tenant)
- Add a Security contact
- Respond to security alerts within 24 hours or less (applies to direct bill and distributor only)
Is achieving an 80% secure score required to maintain CSP authorization?
No, achieving an 80% secure score is not required. However, partners must meet all mandatory security requirements to maintain their CSP authorization. These include:
- Enable MFA for all administrative roles (on the partner CSP tenant)
- Add a Security contact
- Respond to security alerts within 24 hours or less (applies to direct bill and distributor only)
Hi,
Really interested on what's the guidelines here from MS. I think the issue exists for direct bill partners too if i understood correctly.
This requirement is absolutely insane. I'd really love to see how Microsoft expects us to hit 80 points on the Security score under these conditions. Topic Enable multifactor authentication for admin roles in the customer tenants I have over 13,227 customers, and 5,994 of them haven’t enabled MFA. As a distributor, I have zero authority to force end-customers to turn on MFA. Telling us to get them to enable it — how the hell are we supposed to do that? How exactly do you plan to solve this mess?