In November 2023 at Microsoft Ignite, we announced Microsoft-managed policies and the auto-rollout of multifactor authentication (MFA)-related Conditional Access policies in customer tenants. Since then, we’ve rolled out report-only policies for over 500,000 tenants. These policies are part of our Secure Future Initiative, which includes key engineering advances to improve security for customers against cyberthreats that we anticipate will increase over time. 

This follow-up blog will dive deeper into these policies to provide you with a comprehensive understanding of what they entail and how they function.

Multifactor authentication for admins accessing Microsoft admin portals

Admin accounts with elevated privileges are more likely to be attacked, so enforcing MFA for these roles protects these privileged administrative functions. This policy covers 14 admin roles that we consider to be highly privileged, requiring administrators to perform multifactor authentication when signing into Microsoft admin portals. This policy targets Microsoft Entra ID P1 and P2 tenants, where security defaults aren't enabled.

Read the full story here: Auto Rollout of Conditional Access Policies in Microsoft Entra ID - Microsoft Community Hub