Microsoft Requires 2FA Login for Azure Cloud Users Starting in October

Published: November 01, 2024 on our newsletter Security Fraud News & Alerts Newsletter.

According to Microsoft, the mammoth software company will soon be requiring their Azure clients to apply two-factor authentication (2FA) to login to the cloud platform. The 2FA mandate begins in October as part of a $20 billion investment in Microsoft’s future cybersecurity.

Creating their “Secure Future Initiative” (SFI), the tech giant says the 2FA requirement is part of the project’s multi-billion-dollar plan to bolster security. Their own research shows 2FA can prevent over 99% of attacks involving phishing and account compromise. Microsoft provided a two month notice to Azure users about the 2FA mandate rolling out in two parts starting soon.

Microsoft says implementing the 2FA requirement will ensure 100% of user accounts are protected with multifactor authentication. In addition, they believe 2FA will, among other things, protect identity infrastructure signing and platform keys, and ensure 100% of applications are protected with system-managed credentials. By implementing 2FA, it says incidents of customer account compromise and data breaches will decrease.

Using 2FA

If you’re an admin of Azure, you already know what 2FA is. It’s more and more important to use it when it’s available and require it of users. There are many options, including a one-time passcode that gets sent as a text or email message, authenticator apps, and even hardware “keys.” While there are advantages and disadvantages to all options, using something is always better than using nothing for 2FA.

Recent Cyber-Issues

A few months ago, Microsoft fell victim to a distributed denial of service (DDoS) attack. A DDoS floods a server or network with internet traffic, bringing it to a standstill. The DDoS against Microsoft lasted nearly ten hours, with users unable to connect with their 365 products including Azure, Office, and Outlook.

Only weeks before this latest security incident, a CrowdStrike cybersecurity update crashed computers using Windows. The outage wreaked havoc with countless industries including airports and other businesses worldwide.

It may be no surprise Microsoft is implementing their SFI initiative beginning with the 2FA login requirement. According to the company, the mandate will “not only reduce the risk of account compromise and data breach for our customers, but also help organizations comply with several security standards and regulations.”

Keep up to date: Sign up for our Fraud alerts and Updates newsletter

Want to schedule a conversation? Please email us at advisor@nadicent.com