cloud-guardrails-O365

Recommended configuration guidance for Microsoft O365

Use Multi-Factor Authentication

Objective

Multi-factor authentication (MFA) is a method of authentication that requires the use of more than one verification method such as

MFA adds a second layer of security to user sign-ins and transactions. It supplements a strong password strategy by providing a way of ‘double checking’ that you really are the person you claim to be when you use online services. With MFA in place, Office 365 user accounts are still protected against unauthorized access even if a user’s password is compromised.

Key Considerations

Validation

References

  1. Directive on Security Management - Appendix B: Mandatory Procedures for Information Technology Security Control, subsection B.2.3.2.4
  2. SPIN 2017-01, subsection 6.2.3
  3. CSE Top 10 #3
  4. CCCS ITSP.30.031 V2 User Authentication Guidance for Information Technology Systems
  5. CCCS ITSAP.30.030 Secure Your Accounts and Devices With Multi-Factor Authentication
  6. Guidance on Cloud Authentication for the Government of Canada
  7. Recommendations for Two-Factor User Authentication Within the Government of Canada Enterprise Domain
  8. Related security controls: AC‑2, AC‑2(1), AC‑3, AC‑5, AC‑6, AC‑6(5), AC‑6(10), AC‑7, AC‑9, AC‑19, AC‑20(3), IA‑2, IA‑2(1), IA‑2(2), IA‑2(11), IA‑4, IA‑5, IA‑5(1), IA‑5(6), IA‑5(7), IA‑5(13), IA‑6, IA‑8