Security is more and more of a concern as many companies take their systems to the cloud and others worry about the safety of their on-premises systems. Azure AD Premium provides an excellent method of a “Multi-Factor Security” for organizations that have on-premises and cloud deployment solutions.
What is “Multi-Factor Security”? Multi-Factor Security is a means of authorizing a User to access the system using two methods of verification. The most common methods are phone calls, texts, or mobile applications.
When a User signs in from a new device that hasn’t previously been used to log into the system, they will be required to verify their identity by responding to a phone call, text message, or an application on their phone. Each User in your active directory is tied to a specific phone number to prevent someone from using a phone that is not authorized.
The value of adopting Multi-Factor Security is that it not only adds an extra level of reassurance, but it also guards against brute force hacking. I don’t want to say that the Multi- Factor Security all but eliminates unauthorized access because even the most sophisticated hackers can get into a system eventually, but why not remove 98% of the threat from the beginning?
Below is a comparison of the AD versions*:
|
Feature |
Multi-Factor Authentication for O365 (included in O365 SKUs) | Multi-Factor Authentication for Azure Administrators (included with Azure subscription) | Azure Multi-Factor Authentication (included in Azure AD Premium and Enterprise Mobility Suite) |
|
Administrators can protect accounts with MFA. |
X | X (Available only for Azure Administrator Accounts) |
X |
|
Mobile app as a second factor |
X | X |
X |
|
Phone call as a second factor |
X | X |
X |
|
SMS as a second factor |
X | X |
X |
|
App passwords for clients that don’t support MFA |
X | X |
X |
|
Admin control over authentication methods. |
X | X |
X |
|
PIN mode |
X |
||
|
Fraud Alert |
X |
||
|
MFA Reports |
X |
||
|
One-Time Bypass |
X |
||
|
Custom greetings for phone calls |
X |
||
|
Customization of caller ID for phone calls |
X |
||
|
Event confirmation |
X |
||
|
Trusted IPs |
X |
||
|
Remember MFA for trusted devices |
X |
X |
X |
|
MFA SDK |
X (Requires Multi-Factor Authentication provider and full Azure subscription) |
||
| MFA for on-premises applications using MFA server |
X |
*This comparison table discussed the features that are part of each subscription. If you have Azure AD Premium or Enterprise Mobility Suite, some features may not be available depending on whether you use MFA in the cloud or MFA on-premises.
Source: https://azure.microsoft.com/en-us/documentation/articles/multi-factor-authentication/
[avatar user=”tlally” size=”thumbnail” align=”left” /] TIMOTHY (TIM) LALLY, SR. | CEO/ Founder
Tim Lally, Sr. is the founder and CEO of KTL Solutions, a full technology consulting firm. As CEO, Tim is responsible for running all facets of the business including, but not limited to, mentoring new developers, teaching accounting principles and processes, and leading the development and design of custom solutions. Tim also works directly with clients promoting lasting relationships, analyzing business processes, and providing effective solutions to improve productivity. He provides high-level guidance to KTL clients in order to help them better use technology within their organization.
With a proven, executive track record and over 20 years of experience driving sales, consulting, and development within the technology industry, Tim’s specific experience has been with Microsoft Business Solutions’ software implementation and development. Tim started implementing MAC GP in 1987 and has been working in Microsoft Dynamics GP since 1994. Tim is an inactive Certified Public Accountant with a Bachelor’s Degree in Accounting from University of Maryland.
