When securing cloud services like Office365 with Azure MFA , End User education and adoption is absolutely critical. Not all organisations’ can afford Azure Active Directory Premium Edition Plan 2 or M365 E5 subscriptions.
Azure Identity Protection provides dynamic protection against the following scenarios.
- Atypical travel
- Anonymous IP address
- Unfamiliar sign-in properties
- Malware linked IP address
- Leaked Credentials
- Azure AD threat intelligence
In the event of credentials being compromised the bad actor must get past the next level of authentication which will normally be the Microsoft Authenticator App or a text message.
It is critical to educate end users : DO NOT APPROVE random authentication requests. If an end user is on leave and not attempting to access their cloud resources there should be no reason to approve multi factor authentication challenges.