Complete Webinar Transcript: Multi-Factor Authentication
Adam: Thanks for joining our webinar today. My name is Adam Lee from Microsoft Gold Partner PEI. Today we’ll be discussing the importance of multi-factor Authentication and how it’s essential in securing both admin and end-user accounts.
MFA is so important because a username and password is no longer secure enough when it comes to identity access. Remember, these attackers are in business to make money. They are using the best resources and constantly evolving their techniques to increase their success rate. It’s not a matter of if attackers figure out usernames and passwords it’s when. So we really need to be proactive—both on the partner side and the end-user side.
Although securing user identities is relevant across the entire tech industry, we’ll be focusing on why you should enable MFA for Office 365 users. It does not matter your company size, industry, or location; you have data (or even money) that can be stolen or held for ransom.
We’re joined today by Microsoft superstar Kevin Martins to discuss this topic. Kevin is a Partner Technical Architect at Microsoft and an all-around stud!
Kevin, thank you for joining us today.
Kevin: Thanks Adam, that’s quite the introduction. Let’s get started.
Question One: Using Data to Examine the Threat Landscape
Adam: So Kevin, tell me more about what Microsoft is seeing today with these attacks.
Kevin: So first of all, thank you for highlighting that this is not just a Microsoft problem as that is so true. All types of cloud identities are under attack from the account you use for work to the account you sign into your bank with. You name it, and the service is under attack. I see logs all of the time that show that.
Microsoft spoke at Ignite 2019 about the types and level of attacks they see. Now remember that Microsoft has over 200+ products and services that it must keep secured. For example, in December 2019 there were over 1.2 billion Windows devices, over 1 billion Azure user accounts, and over 65 million Xbox accounts. That comes out to 630 billion monthly authentications and so much more.
There’s a lot of telemetry coming in from all of these different types of services. All of this equates into over 8 trillion signals every day that Microsoft analyzes. The artificial intelligence in place enables them to understand a good logon vs. a malicious attempt as they continuously learn about evolving attacks. This data is analyzed and deployed across Microsoft’s Intelligent Security Graph to help secure all of these 200+ services.
And how do most of these users log in? With just a simple username and password. Again, not just with their Microsoft accounts, but with all of their user accounts. This is nothing in the eyes of the attacker. To properly secure identity accounts, MFA must be enabled.