cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Create Policy for MFA non-compliance - Require MFA for administrative roles

SergioT1228
Brass Contributor

‎Sep 16 2020 11:23 AM

‎Sep 16 2020 11:23 AM

Create Policy for MFA non-compliance - Require MFA for administrative roles

We are using AATP and when we review our Secure Score(security.microsoft.com) one of the action items is to "Require MFA for administrative roles".  We have setup MFA but not sure what this is coming up as an "Improvement action".

I wanted to create a Policy within Cloud app so I could be alerted whenever there is a user that has an admin role but not required to utilize MFA.  Is that possible?

 

Thanks,

 

Serge

524 Views
0 Likes
1 Reply
Reply
1 Reply
PeterRising

‎Sep 17 2020 10:49 AM

‎Sep 17 2020 10:49 AM

Re: Create Policy for MFA non-compliance - Require MFA for administrative roles

@SergioT1228 

 

Hi, this is not something you configure using ATP.  Instead, you need to look at Azure AD Conditional Access. You can enforce MFA based on roles.  Just be careful not to lock yourself out of your tenant,and exclude your permanent break glass accounts.    

 

You can read more about CA here - https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview

 

1 Like
Reply