Ensure that 'Multi-Factor Auth Status' is 'Enabled' for all Privileged Users
Why This Matters
Privileged users with administrative access to Azure resources represent a high-value target for attackers. Without multi-factor authentication (MFA), a single compromised password can grant full control over subscriptions, resources, and data. Enforcing MFA dramatically reduces the likelihood of account takeover by requiring two separate authentication factors.
What Aether365 Checks
This check verifies that multi-factor authentication is enabled for all privileged users including Service Co-Administrators, Subscription Owners, and Contributors. It appears in the Aether365 dashboard under the Entra ID checks section as ENTRA.1140.