Skip to main content
0%

MFA (Per User)

Customer knowledge baseFeaturesSecurity Risks and BaselinesBaselinesBaseline GuidesBaselinesGroup Baselines

MFA (Per User)

Who is this For?

The MFA (Per User) group baseline is a great option for clients with the Business Basic license (over those who otherwise don't have Azure AD Premium with Conditional Access Policies).

Enhancement Aug 2024

This baseline deprecates an existing MFA per user baseline. It adds the functionality to better evaluate the MFA state and to remediate directly from Octiga.

A note on "Legacy MFA"

Microsoft calls this "Legacy MFA" and segregates it from an old UI.

However, it is fully functional, granular (unlike security defaults), and great for clients who don't have Azure Ad Business Premium.

How?

Simple -

  1. Add the baseline, probably to your default group

  2. Set the desired value to enabled/enforced

  3. Remediate any users you wish to remediate

  4. Set Group (Group Baselines) or User Baselines (Exceptions) for any users who must not have MFA or for who we don't care about

0%
0%