How it works...
The Conditional Access functionality in Azure Active Directory requires Azure AD Premium P1 licenses. However, some policies are important enough to fall outside the scope of this license requirement. Microsoft calls these policies Baseline policies.
The Baseline policy: Require MFA for admins is an important policy, because multi-factor authentication (MFA) reduces the risk of hostile takeovers for an Azure AD account by 99.9%.
The Baseline policy: Require MFA for admins requires Azure AD accounts that have the Global administrator, SharePoint administrator, Exchange administrator, Conditional Access administrator and/or Security administrator role to perform multi-factor authentication for every sign-in. For some applications, ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access