Ensure Multi-factor Authentication is Required for Azure Management
Why This Matters
Without requiring multi-factor authentication for Azure Management, privileged accounts remain vulnerable to password-based attacks such as phishing and credential theft. If an attacker compromises an administrative account, they can gain unrestricted access to Azure resources, potentially leading to data breaches, service disruptions, or financial loss. Enforcing MFA reduces this risk by adding a second authentication factor that attackers cannot easily bypass.
What Aether365 Checks
Aether365 verifies that a Conditional Access policy exists requiring MFA for all users accessing Azure Management. This check is visible in the Aether365 dashboard under the entra-id compliance section and is flagged as medium severity.
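The sketch below shows how a check of this kind can be evaluated against Conditional Access policies exported from Microsoft Graph; it is an added example, not Aether365's own logic. Assumptions: policies use the Graph `conditionalAccessPolicy` JSON shape, Azure Management is targeted through the Windows Azure Service Management API application ID, a grant that offers MFA as one of several OR alternatives is not counted as requiring MFA, and the function names and sample policies are constructed for illustration.

```python
import json

# Well-known app ID Conditional Access uses for Azure management (Windows Azure Service Management API).
AZURE_MGMT_APP_ID = "797f4846-ba00-4fd7-ba43-dac1f8f63013"

def enforces_mfa(policy):
    """True if this single policy requires MFA for all users on Azure Management."""
    if policy.get("state") != "enabled":  # report-only and disabled enforce nothing
        return False
    cond = policy.get("conditions") or {}
    users = cond.get("users") or {}
    apps = cond.get("applications") or {}
    grant = policy.get("grantControls") or {}
    included = apps.get("includeApplications") or []
    excluded = apps.get("excludeApplications") or []
    covers_app = (("All" in included or AZURE_MGMT_APP_ID in included)
                  and AZURE_MGMT_APP_ID not in excluded)
    covers_users = "All" in (users.get("includeUsers") or [])
    controls = grant.get("builtInControls") or []
    # Under operator OR, any other listed control can satisfy the grant without MFA.
    # Assumption: authentication-strength grants are not evaluated here.
    mfa = "mfa" in controls and (len(controls) == 1 or grant.get("operator") == "AND")
    return covers_app and covers_users and mfa

def evaluate(policies):
    """Return (compliant, names of enforcing policies, exclusions to review)."""
    hits = [p for p in policies if enforces_mfa(p)]
    exclusions = sorted({e for p in hits
                         for key in ("excludeUsers", "excludeGroups", "excludeRoles")
                         for e in (p["conditions"]["users"].get(key) or [])})
    return bool(hits), [p["displayName"] for p in hits], exclusions

# Constructed sample in the shape of a Graph conditionalAccess/policies export.
SAMPLE = json.loads("""[
 {"displayName": "Pilot MFA", "state": "enabledForReportingButNotEnforced",
  "conditions": {"users": {"includeUsers": ["All"]},
                 "applications": {"includeApplications": ["797f4846-ba00-4fd7-ba43-dac1f8f63013"]}},
  "grantControls": {"operator": "OR", "builtInControls": ["mfa"]}},
 {"displayName": "MFA or compliant device", "state": "enabled",
  "conditions": {"users": {"includeUsers": ["All"]},
                 "applications": {"includeApplications": ["All"]}},
  "grantControls": {"operator": "OR", "builtInControls": ["mfa", "compliantDevice"]}},
 {"displayName": "Require MFA for Azure Management", "state": "enabled",
  "conditions": {"users": {"includeUsers": ["All"], "excludeUsers": ["break-glass-placeholder-id"]},
                 "applications": {"includeApplications": ["797f4846-ba00-4fd7-ba43-dac1f8f63013"]}},
  "grantControls": {"operator": "OR", "builtInControls": ["mfa"]}}
]""")
if __name__ == "__main__":
    print(evaluate(SAMPLE))
```

The third element of the result lists user, group, and role exclusions on the enforcing policies, since each exclusion is an identity that can reach Azure Management without MFA and should be reviewed.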