Forum Discussion

JayFMSTechComm's avatar
JayFMSTechComm
Iron Contributor
Nov 03, 2022

Security Defaults in Azure AD

Back in the early days of Office 365 it was recommended that Global Administrators not use MFA in case they needed to login and didn't have access to their second factor.

 

Recently I was prompted to enable security defaults of MFA for every user:

 

https://Aka.ms/securitydefaults which re-directs to:

 

https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/concept-fundamentals-security-defaults

 

What's changed such that it's now recommended that Global Admins use MFA?

 

Thanks

  • Hello, security defaults are great for all organizations that doesn't have an Azure AD P1/P2 subscription but still want to benefit from an improved security posture.

    It's still recommended to use "break glass" accounts and set them up differently than the other admin accounts. But to be able to do that you can't be on Azure AD free as the configuration options simply cannot be used.
  • Hello, security defaults are great for all organizations that doesn't have an Azure AD P1/P2 subscription but still want to benefit from an improved security posture.

    It's still recommended to use "break glass" accounts and set them up differently than the other admin accounts. But to be able to do that you can't be on Azure AD free as the configuration options simply cannot be used.

Resources