Ensure that 'Multi-Factor Auth Status' is 'Enabled' for all Non-Privileged Users
Why This Matters
Multi-factor authentication (MFA) is one of the most effective controls to prevent account takeover attacks. Without MFA enabled, a single compromised password for a non-privileged user can give an attacker a foothold in your tenant, potentially leading to lateral movement and privilege escalation. Enforcing MFA for all non-privileged users significantly reduces this risk and is a foundational security practice recommended by CIS.
What Aether365 Checks
Aether365 verifies that all non-privileged users in Microsoft Entra ID have the per-user multi-factor authentication status set to "Enabled." This check appears in the Aether365 dashboard under the Entra ID section.
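The same audit can be reproduced with the Microsoft Graph PowerShell SDK; the script below is an added example, not Aether365's own code. It assumes the beta Graph endpoint /users/{id}/authentication/requirements (which reports perUserMfaState as disabled, enabled or enforced), treats members of any activated directory role as privileged and therefore out of scope, and accepts "enforced" as compliant because it is the stricter of the two MFA-on states.

```powershell
# Added example: audit per-user MFA state for enabled, non-privileged users.
# Assumptions (not from the page): Microsoft.Graph SDK installed; the beta
# endpoint /users/{id}/authentication/requirements exists and returns
# perUserMfaState; the listed scopes are sufficient in your tenant.
Connect-MgGraph -Scopes 'User.Read.All','Directory.Read.All','Policy.Read.All' -NoWelcome

# Privileged = member of any activated directory role (Global Administrator, etc.).
# The control is scoped to non-privileged users, so these IDs are excluded below.
$privilegedIds = [System.Collections.Generic.HashSet[string]]::new()
foreach ($role in Get-MgDirectoryRole -All) {
    foreach ($member in Get-MgDirectoryRoleMember -DirectoryRoleId $role.Id -All) {
        [void]$privilegedIds.Add($member.Id)
    }
}

$findings = foreach ($user in Get-MgUser -All -Property Id,UserPrincipalName,AccountEnabled) {
    # Disabled accounts cannot sign in, so they do not weaken the control.
    if (-not $user.AccountEnabled) { continue }
    if ($privilegedIds.Contains($user.Id)) { continue }

    $uri   = "https://graph.microsoft.com/beta/users/$($user.Id)/authentication/requirements"
    $state = (Invoke-MgGraphRequest -Method GET -Uri $uri).perUserMfaState

    # Anything other than enabled/enforced is a finding for this control.
    if ($state -notin @('enabled', 'enforced')) {
        [pscustomobject]@{
            UserPrincipalName = $user.UserPrincipalName
            PerUserMfaState   = $state
        }
    }
}

if ($findings) {
    Write-Host "FAIL: $(@($findings).Count) non-privileged user(s) without per-user MFA enabled"
    $findings | Format-Table -AutoSize
} else {
    Write-Host 'PASS: every enabled, non-privileged user has per-user MFA enabled or enforced'
}
```

Tenants that require MFA through Conditional Access or security defaults will report "disabled" here even though MFA is demanded at sign-in, so review such findings against those policies before treating them as failures.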
How to Fix
To enable per-user MFA for non-privileged users through the Azure portal, follow these steps: