The NCSC has recently published publicly available guidance on ‘MFA for Online Services’.
One of the most important steps an organisation can take to reduce the risk of O365 account compromise via brute force attacks or spear phishing is the implementation of Multi-Factor Authentication (MFA) across the O365 platform. As users tend to reuse passwords across online and enterprise services, MFA reduces the potential of password compromise through adding another layer of security.
MFA works by requiring two or more of the following authentication methods:
• Something you know (typically a password)
• Something you have (a trusted device such as a mobile phone)
• Something you are (biometrics)
The O365 platform supports a number of different MFA mechanisms and, depending on the subscription, organisations are able to use a mixture of different deployments.
To implement MFA effectively across an organisation’s O365 platform will require IT departments to understand the user group to which they are intending to roll it out. This is especially crucial when organisations are dealing with a diverse workforce. As an example, organisations that have employees deployed in locations with poor mobile phone coverage may have problems receiving SMS tokens, causing difficulties in access to the O365 platform. In this scenario, organisations should consider the different MFA mechanisms available to them to avoid reluctance in adoption across the wider organisation.
This is an extract from the NCSC paper published Dec 4 18, available here.
Alchemy Systems are experts in Office 365 deployment and management. We have a wide range of tools and the skills to guide a company through the maze. Call us on 0330 043 0801 or email us at email@example.com.