Ensure Multi-factor Authentication is Required to access Microsoft Admin Portals
Why This Matters
Administrative portals like Microsoft 365 Admin Center, Azure Portal, and Exchange Admin Center are high-value targets for attackers. If a single admin account protected only by a password is compromised, an attacker could gain full control over your entire Microsoft 365 environment, change security settings, access sensitive data, and cause widespread disruption. Requiring multi-factor authentication for these portals drastically reduces the risk that stolen credentials can be used to perform unauthorized administrative actions.
What Aether365 Checks
Aether365 verifies whether a Conditional Access policy is configured to require multi-factor authentication for all users accessing Microsoft Admin Portals. This check appears in the Aether365 dashboard under the entraid-1106 entry within Microsoft Entra ID checks.
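The kind of evaluation described above can be reproduced offline against exported Conditional Access policies. The following is an added example, not Aether365's own logic: it uses the field names of the Microsoft Graph conditionalAccessPolicy resource, the sample policies are constructed, and treating any configured authentication strength as MFA-equivalent is an assumption.

```python
ADMIN_PORTALS = "MicrosoftAdminPortals"  # Graph app identifier for Microsoft Admin Portals


def policy_gaps(policy):
    """Return the reasons a policy does NOT enforce MFA on admin portals for all users."""
    cond = policy.get("conditions") or {}
    apps = cond.get("applications") or {}
    users = cond.get("users") or {}
    grant = policy.get("grantControls") or {}
    gaps = []
    if policy.get("state") != "enabled":  # report-only and disabled policies enforce nothing
        gaps.append(f"state is {policy.get('state')!r}, not 'enabled'")
    included = apps.get("includeApplications") or []
    if ADMIN_PORTALS not in included and "All" not in included:
        gaps.append("admin portals not targeted")
    if ADMIN_PORTALS in (apps.get("excludeApplications") or []):
        gaps.append("admin portals excluded")
    if "All" not in (users.get("includeUsers") or []):
        gaps.append("not scoped to all users")
    controls = grant.get("builtInControls") or []
    # Assumption: any configured authentication strength counts as MFA-equivalent.
    has_mfa = "mfa" in controls or bool(grant.get("authenticationStrength"))
    if not has_mfa:
        gaps.append("no MFA grant control")
    elif grant.get("operator") == "OR" and [c for c in controls if c != "mfa"]:
        gaps.append("MFA is optional (OR with other controls)")
    return gaps


def audit(policies):
    """Return (passed, report); passes when at least one policy has no gaps."""
    report = {p.get("displayName", "<unnamed>"): policy_gaps(p) for p in policies}
    return any(not g for g in report.values()), report


def sample_policy(name, state="enabled", users=("All",), controls=("mfa",)):
    # Constructed sample in the shape of a Graph conditionalAccessPolicy object.
    return {"displayName": name, "state": state,
            "conditions": {"applications": {"includeApplications": [ADMIN_PORTALS]},
                           "users": {"includeUsers": list(users)}},
            "grantControls": {"operator": "OR", "builtInControls": list(controls)}}


SAMPLES = [
    sample_policy("Admin portals MFA (report-only)", state="enabledForReportingButNotEnforced"),
    sample_policy("Admin portals MFA or compliant device", controls=("mfa", "compliantDevice")),
    sample_policy("Admin portals MFA (guests only)", users=("GuestsOrExternalUsers",)),
    sample_policy("Admin portals MFA"),
]
```

The per-policy gap lists also show why a near-miss policy (report-only, guest-scoped, or MFA as one of several OR'd controls) does not satisfy the requirement. User, group and role exclusions are not evaluated here and still need manual review.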
How to Fix
Follow these steps to create or update a Conditional Access policy that enforces MFA for admin portals.