Forum Discussion

LM's avatar
LM
Brass Contributor
Dec 13, 2017

Secure score and MFA

MFA is enabled via Azure AD conditional access policies, but it seems like secure score is not recognizing that MFA is enabled via Azure AD conditional access policies and still indicates that MFA is not enabled and the update page in secure score takes you to the O365 portal to enable MFA for users.

  • LM's avatar
    LM
    Jan 09, 2018

    Thanks for the confirmation.

  • LM's avatar
    LM
    Brass Contributor

    Can anyone confirm if this is an issue with Secure score and if this will be fixed?

    • Hi Lavanya,

       

      At this point Secure Score does not support conditional access scenarios for MFA.  I have asked the team to add this to the backlog of controls we should support.

       

      Sorry for the delay in getting back to you. 

      • Craig_Slack's avatar
        Craig_Slack
        Copper Contributor

        Hello Anthony Smith (A.J.), is there an update on this?  We are a Microsoft Partner and CSP.  There was a new requirement that came into effect Sept. 1st for all MPN Members to have MFA enabled across their tenant and CSP customers.  We are now getting reports from Microsoft that tell us we are not in compliance with this new ruling even though we have MFA enabled for all of our clients in our tenant.  Upon looking into it further, when we look in our customer's tenants in the AAD where we have some guest accounts to manage the client's Azure environment, their Azure Secure Score is reporting that our guest accounts do not have MFA enabled, but they do in our tenant.  Is there a resolution for this as it sounds like it's related to the conditional access MFA mentioned in this thread.  Thank you.

Resources