Implementing Azure Multi-Factor Authentication

How to Get Azure Multi-Factor Authentication

Azure Active Directory is included in Office 365 Azure Active Directory Premium plans and in Enterprise Mobility and Security plans. If your firm has neither of these, you can purchase MFA licenses. For more information on obtaining Azure MFA, check out this article.

Below is a guide to implementing Azure Multi-Factor Authentication.

Configuring MFA Policies

The first thing you may want to do, before enabling Multi-Factor Authentication for any users, is to consider configuring some of the available settings. One of the most important features is a trusted IPs list.  This will allow you to whitelist a range of IPs for your network. This way, when users are in the office, they will not get prompted with MFA, and when they take their devices elsewhere, they will.  Here’s how to do it:

 

 

Enabling MFA for users

Now that you have trusted IPs configured, here’s how you can turn MFA on for the users in your organization:

 

 

How user registration works

The last point I will raise to your attention, is the user-side registration process of MFA. Depending on your organizations needs, you may want to create a quick tutorial or even training session to show users what they will need to know. The registration process will require the user to configure the following:

 

 

Now that you have implemented Azure MFA into your firm, you can feel assured that you are actively taking measures to secure your company’s data and alleviate excess risk to the organization.