Forum Discussion
Access attempts to block
In a tenant with Microsoft 365 Business Standard licenses we have noticed several logon attempts with accounts in the tenant coming from non legitimate users or countries. Given that the Business St...
Hi StefanoC66,
Unfortunately, Conditional access can only configure these kinds of conditions. What you could do to improve the security posture of the organization is to configure Azure AD MFA. Enabling the https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/concept-fundamentals-security-defaults within Azure AD should help you with this. Configuring this doesn't require any additional licenses.
If this still doesn't fit the business needs, the cheapest option would be an upgrade to Microsoft 365 Business Premium.
Good luck!
Security defaults has already been enabled but it doesn't help since MFA is not forced to all users and also the user must register for it.
Most of the replicated users wouldn't even access O365 since no license will be assigned.
Moreover,, it look to me, that in the unfortunate case that an hacker can get the user password before the MFA is registered by the legitimate user it might even register itself for MFA.
Most of the replicated users wouldn't even access O365 since no license will be assigned.
Moreover,, it look to me, that in the unfortunate case that an hacker can get the user password before the MFA is registered by the legitimate user it might even register itself for MFA.
- That's where Conditional Access kicks in. In that case, I would advise creating a policy that blocks MFA registration except if you come from a trusted location (VDI, VPN, Office IP, etc.). But again, and as you know. You still need a P1 license for this.