Office 365 MFA (Multi-Factor Authentication): Why You Should Enable It

By WatServ
February 4, 2021

What is MFA?

Multi-factor authentication (MFA) is the ability to verify a login with at least one other verification point beyond a single password. MFA for Office 365 is included as part of the Office 365 subscription at no additional cost.

Who should be using MFA?

Today, all users should be leveraging this security feature. In the recent past, multi-factor authentication (MFA) was only available to the most security-conscious companies. Large capital and operational costs kept this functionality within the realm of the large enterprise, which considered perimeter security essential to their business. In today’s climate of cybersecurity breaches, secure authentication practices are mandatory to avoid corporate embarrassment and hefty financial consequences. Also, the advent of the smartphone provided alternatives to the hard token smart cards. Soft tokens provided a simpler distribution method and simplified an IT or security department’s operational costs, but the supporting infrastructure, software, and integration still intimidated interested organizations. Public cloud and SaaS products existing outside of the borders of an Enterprise forced providers to meet the security requirements existing on-premise.

Why should I implement MFA?

Today, not having MFA enabled on public cloud services poses a tremendous security risk. MFA immediately reduces phishing and social engineering attacks by forcing an employee to accept and verify a login attempt. With MFA in place, a password can be breached without exposing corporate data to the hacker. Secondarily, a verification request notifies the end user that something is amiss with their password, giving them the opportunity to update it and investigate how the password was compromised.

How do I implement it?

Enabling MFA in Office 365 is simple. Microsoft highly recommends enabling MFA for administrators at a minimum. Selectively enabling MFA provides organizations the opportunity to slowly roll out this essential security feature to minimize the impact on the support organization.

Logging in with a Global administrator account on your tenant will bring you to the administrator portal for MFA. Once there, simply select the individual users you want to enable it for, then click Enable. The next time they log in, they will be prompted to set up their alternate access methods and preferred mechanism for verification.

How does it work?

When the user first logs in, they will be required to configure their alternate access method and verify it works. This alternate access method can be either a smartphone with the Microsoft Authenticator app installed, a phone number that accepts text messages, or an alternate email address. The Microsoft Authenticator app also provides a rotating number that can be used as the second factor. The image below shows an example of an ‘Approve sign in request’, on a smartphone using this app.

After verification, the user has full control over the MFA settings.

…not so fast!

Not all applications use Microsoft’s modern authentication method, which supports MFA. If you aren’t using the Outlook app on your mobile phone, you will need to generate a highly complex app password to allow you to authenticate without the second factor. Microsoft recommends you create a unique app password per device so that it can be deleted in the event you lose that device. Once generated, copy the password to your clipboard, as this password will not be generated or seen again (see below). You can simply create a new password if you lose it or need to reset it. A user can manage their app passwords at this link: Click Here

Creating a new password is easy and quick. See the steps below to create an app password.

  1. Create a name for your app password
  2. Copy the new password to your clipboard

WatServ demonstrates best-in-class capability and market leadership through proven technology and customer commitment.

About

WatServ is an IT solutions provider that helps organizations digitally transform through cloud technologies and managed services.

Serving clients as a trusted advisor since 2006, WatServ provides experience-tested, strategic solutions across all stages of the digital transformation journey. Clients choose WatServ to migrate infrastructure and applications to the cloud, secure critical data, implement disaster recovery, deploy virtual desktop, enable data-readiness for productivity solutions and manage IT environments.

Our clients span a broad range of industries, and we’re a global supplier of IT services for many Brookfield Portfolio Companies. To help our mid-size clients, we provide scalable offerings that simplify cloud adoption and drive business optimization. For enterprise clients, we co-create cloud solutions that enable stability and efficiency for complex IT tools and processes.

With more than 15 years of experience, WatServ has a track record of delivering quantifiable business results and a superior client experience. Ranked as one of Canada’s Top 100 Solution Providers for the last three years in a row, WatServ is always on.

WatServ Achieves SOC 2 Certification for CloudOps Managed Services

SOC 2 Certification for CloudOps with WatServ

By WatServ
February 4, 2020

In December 2019, WatServ achieved SOC 2 certification for its CloudOps Managed Services based on an audit of its Type I report.

Developed by the American Institute of Certified Public Accountants (AICPA), SOC 2 is an auditing procedure that ensures service organizations manage customer data using controls for security, availability, processing integrity, confidentiality and privacy.

WatServ’s SOC 2 report focuses on the three trust service principles that are of greatest importance to our customers:

  • Security Principle: This principle addresses the protection of system resources against unauthorized access. Access controls help prevent potential system abuse, theft or unauthorized removal of data, misuse of software and improper alteration or disclosure of information. WatServ uses various tools and technologies to ensure our customers’ information and systems are protected. For instance, we use firewalls, two factor authentication and intrusion detection to help prevent security breaches that can lead to unauthorized access of systems and data.
  • Availability Principle: This principle addresses the accessibility of WatServ’s or customers’ systems, products or services, as stipulated by a contract or service level agreement (SLA). Actions WatServ takes to ensure availability include monitoring network performance and availability, as well as providing disaster recovery, site failover and security incident handling.
  • Confidentiality Principle: This principle addresses controls that aim to restrict the access and disclosure of confidential data. At WatServ, the controls we have in place to meet these criteria include encryption, data loss prevention, backups and more.

WatServ was awarded a SOC 2 certification Type I report with an unqualified opinion and no exceptions – the highest possible achievement. The award comes after a lengthy process of reviewing our practices, collaborating with customers to understand their requirements, and documenting our processes, procedures and controls.

What Does this Mean for Our Customers?

This achievement demonstrates WatServ’s commitment to ensuring continued operational effectiveness and assurance.

WatServ has always partnered with service providers who are SOC 2 certified for services such as data center hosting. Our SOC 2 Type I report now confirms service excellence and control for all facets of our CloudOps Managed Services.
