Forum Discussion

MartijnBreet's avatar
MartijnBreet
Iron Contributor
Jun 03, 2025

Hi Nam,

Based on my interpretation there are different requirements (policies) which need to be in effect at certain moments in time. Starting 1st of October 2025 all partners need to have at least the following policies in place:

  1. Enable multifactor authentication for admin roles in the Partner tenant
  2. Response to alerts is 24 hours or less on average
  3. Provide a Security contact

at anniversary month other requirements need to be met:

Direct Bill anniversary

4. Enable MFA for all Customer Admin roles

5. All azure subs have spending limit

Same policy 4 & 5 apply for the Disti, but as the FAQ mentions they only need to meet the revenue and security requirements on anniversary in Year 2.

Applying all above with current scores brings tenant to 80 points. In preview I can see another policy in Partnercenter worth 10 points, then we are still missing 10 points for a yet undisclosed requirement.

6. All users complete multifactor authentication registration

7. Yet unknown requirement

As said, this is my interpretation of the documentation. Hope this helps, but it wouldn't mind to keeping an eye on partnercenter on any changes popping up there...

Regards,

Martijn

 

 

ps: readable version of the FAQ in CSP partner launch calender https://partner.microsoft.com/nl-nl/resources/detail/partner-launch-calendar-csp-pdf 

namlovely201180's avatar
namlovely201180
Brass Contributor
Jun 03, 2025

From the F&Q document I see a section titled Complete the mandatory requirements of the Partner Center security score*

Not sure if it only mandatory does only 

  1. Enable multifactor authentication for admin roles in the Partner tenant
  2. Response to alerts is 24 hours or less on average
  3. Provide a Security contact


The other 2 Topic   Enable MFA for all Customer Admin roles & All azure subs have spending limit are as shown in the picture that I posted on the partner center and in the In preview section, another 10 points, which are just recommended Are they forcing you to do it ? I think the latest document only enforces the mandatory part. What do you think? 

 

But for sure if the score must be more than 80% I can't do the Enable MFA for all Customer Admin roles topic. I have 7000+ customers who don't have MFA enabled. Even if I advise partner awarness about this, I can't force them to enable it.

Resources