Control: 1.2 Ensure that multi-factor authentication is enabled for all non- privileged users
Description
Enable multi-factor authentication for all non-privileged users.
Multi-factor authentication requires an individual to present a minimum of two separate forms of authentication before access is granted. Multi-factor authentication provides additional assurance that the individual attempting to gain access is who they claim to be. With multi-factor authentication, an attacker would need to compromise at least two different authentication mechanisms, increasing the difficulty of compromise and thus reducing the risk.
Note: By default, multi-factor authentication is disabled for all users.
Remediation
From Console
- Log in to Azure Active Directory
- Go to
Users - Go to
All Users - Click on Multi-Factor Authentication button on the top bar
- Ensure that MULTI-FACTOR AUTH STATUS is
Enabledfor all users
To enable MFA
Follow Microsoft Azure documentation and setup multi-factor authentication in your environment.
Usage
Run the control in your terminal:
powerpipe control run azure_compliance.control.cis_v130_1_2Snapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run azure_compliance.control.cis_v130_1_2 --shareSQL
This control uses a named query:
ad_manual_control