Control: 1.2 Ensure that multi-factor authentication status is enabled for all non- privileged users
Description
Enable multi-factor authentication for all non-privileged users.
Multi-factor authentication requires an individual to present a minimum of two separate forms of authentication before access is granted. Multi-factor authentication provides additional assurance that the individual attempting to gain access is who they claim to be. With multi-factor authentication, an attacker would need to compromise at least two different authentication mechanisms, increasing the difficulty of compromise and thus reducing the risk.
Note: By default, multi-factor authentication is disabled for all users.
Remediation
From Console
- Log in to Azure Active Directory
- Go to
Users
- Go to
All Users
- Click on Multi-Factor Authentication button on the top bar
- Ensure that MULTI-FACTOR AUTH STATUS is
Enabled
for all users
To enable MFA
Follow Microsoft Azure documentation and setup multi-factor authentication in your environment.
Usage
Run the control in your terminal:
powerpipe control run azure_compliance.control.cis_v140_1_2
Snapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run azure_compliance.control.cis_v140_1_2 --share
SQL
This control uses a named query:
ad_manual_control