Back to blog

Ignite 2016 New Feature Release Day 4: Multi Factor Authentication Settings

Sep 22, 2016 by Ian Byrne

Our fourth feature release ahead of Microsoft Ignite next week (26th-30th) is centred around security. The new Multi-Factor Authentication report lists the users in your organisation and their multi-factor authentication (MFA) settings. It shows whether MFA is enforced on the particular user, this is listed in the ‘MFA State’ column, and also which methods are in place in the ‘MFA Methods’ column.
If you have specific security requirements in your organisation which require multi-factor authentication, you can use this report to verify that they have been enabled for everyone that needs them. Even without specific security demands to uphold, multi-factor authentication is just good security practice, helping provide an extra layer of protection when authenticating users for Office 365. Due to its flexible, mobile nature, Office 365 is often used by employees on their own personal devices, or when they’re on the go, so if your organisation has a BYOD policy, if you have multiple users out in the ‘field’, or even if you don’t, this report will allow you to review your security configurations, enabling you to add or amend them as required.
These are the methods of authentication provided by Microsoft:
PhoneAppOTP: Show a one-time code in the application. The same smartphone app is used. Instead of receiving a notification, the user starts the app and enters the six-digit code from the app into the portal.
PhoneAppNotification: Notify me through the application. The user uses a smartphone app and they receive a notification in the app that they must confirm the login. Smartphone applications are available for Windows Phone, iPhone, and Android devices.
TwoWayVoiceAlternateMobile: Call my alternative phone number. The user receives a phone call that asks them to press the ‘#’ key. Once the ‘#’ key is pressed, the user is logged in.
TwoWayVoiceOffice: Call my office phone. This is the same as Call my mobile phone, but it enables the user to select a different phone if they do not have their mobile phone with them.
OneWaySMS: Text code to my mobile phone. The user receives a text message containing a six-digit code that they must enter into the portal
TwoWayVoiceMobile: Call my mobile phone. The user receives a phone call that asks them to press the ‘#’ key. Once the ‘#’ key is pressed, the user is logged in.
As you can see, the report lists the user and their details, and then provides information on whether MFA is enforced and the methods in place.
The report can be filtered, by your chosen specifications at the top of the report, using the ‘Report Filters’ button, or based on MFA state (located just above the table), enabling you to quickly see who has it enforced and who doesn’t. As with all Cogmotive Reports, the Multi-Factor Authentication report also includes full save, schedule, export and send functionality.
Want to know who has Multi-Factor Authentication enforced in your organisation? If you have a Cogmotive Reports subscription why not log in and find out?
If you haven’t tried Cogmotive Reports yet, why not sign up for a free 14-day trial, and see what detailed, automated, powerful Office 365 reporting could show you.
Cogmotive is the leading global provider of enterprise level reporting and analytics applications for Office 365. Find out more now.