Cyber Insurance Requiring MFA *Everywhere*

Cyber Insurance Requiring MFA Everywhere Cyber insurance providers are tightening their requirements for Multifactor Authentication. For starters, they are being more verbose about the systems and services on which MFA is enabled. They’re making what had been a very broad question into a set of discrete questions. Essentially, what was “Do you have MFA enabled?” […]

MFA is (Unconditionally) Not Enough

MFA is (Unconditionally) Not Enough Microsoft has seen a trending number of instances whereby an Office 365 user is phished and has their O365 session hijacked. The adversary uses the victim’s token to sidestep Multifactor Authentication (MFA), allowing the attacker into the victim’s email where they can impersonate and ask for bogus wire transfers. This […]

Microsoft Entra ID Third Party MFA Integration with DUO

Azure AD Third Party MFA Integration with DUO 3rd Party Multi-factor authentication Integration with Microsoft Entra ID (formerly known as Azure AD) and Conditional Access is available to allow administrators to use an alternative Multi-factor authentication provider instead of Azure Multi-factor authentication. This still requires Microsoft Entra ID (formerly known as Azure AD) Premium P1, which does include […]