Microsoft 365 - Multi-Factor Authentication (MS 365 MFA)

 

Awareness Video See Instructional video

 

From July 2024 Microsoft will begin rolling out extra security measures for the MS 365 environment that will require multi-factor authentication.  This change is part of the Secure Future Initiative, which aims to strengthen security and prevent data breaches.

MFA is a security method commonly required among cloud service providers and requires users to provide two or more pieces of evidence to verify your NWU MS 365 account. It adds an extra layer of protection to the standard username and password authentication.

Currently the NWU user community only use a password to authenticate to access the MS 365 environment and it leaves an insecure vector for attack. If the password is weak or has been exposed elsewhere, an attacker could be using it to gain access. When you require a second form of authentication, security is increased because this additional factor isn't something that's easy for an attacker to obtain or duplicate.

Frequently asked Questions and Answers

What is the main purpose of using MS 365 MFA?

The main purpose of using MS MFA is to reduce the risk of compromising your NWU Microsoft account and strengthen the security of data saved online.

How can I start using MS 365 MFA?

From 15 July 2024 you can opt-in and then you will be added to a MFA-group within 24 hours.  Then you can set up the MS MFA methods.

What are the available verification methods?

These are the additonal verification methods to setup:

  • Microsoft Authenticator app.
  • SMS (Phone).

Methods that can be used to setup Microsoft 365 MFA.

Method 1

MS Authenticator App
Method 2

Send a code via SMS

How to Set Up MS 365 MFA?

Microsoft Authenticator App

After the Opt-in phase you can setup MFA by following one of the steps in the MS 365 MFA Procedure.

For extra training to setup the Microsoft Authenticator you, look at this YouTube video.

How can I check my MS 365 MFA methods?

Follow these steps.

  • Sign into the Microsoft 365 portal (office.com).

  • Select your avatar in the top right, then select View account.

  • Select Security info from the left navigation pane to see the account’s security information

What will happen when my phone is lost or if you have a new cell phone number?

Contact the relevant campus IT service desk or send an email to MS-mfa@nwu.ac.za.  The MFA sessions on your old phone will be revoked and the MFA status will be reset.

Advantages of using MS 365 MFA

  1. MFA provides added security for your accounts MFA requires additional validation of login credentials, so even if cybercriminals manage to access a user’s password, they’ll still need to confirm their identity in various ways. The more authorisation methods, the more secure accounts will be.
  2. Mitigates the Risk of Unmanaged Devices When working from home or remotely, employees sometimes use their own personal devices and less secure internet connections to reach their organisations’ networks. A compromised router can allow a hacker to install password-stealing malware on a user’s machine, and personal devices often don’t have the powerful protection installed on them that machines owned by their company do. That means these attacks often go undetected, until the hacker reaches the organisation’s network and much damage is done. With MFA, organisations no longer have to worry about the security of remote employees’ personal devices and WiFi connections.
  3.  Enables Your Other Security Measures to Work Effectively If an attacker uses stolen credentials to gain access, they can disable firewalls and anti-virus software, causing much harm. MFA prevents cybercriminals from gaining access to a network via a stolen password and, in doing so, allows other security tools to function as they should. MFA can also act as a warning system that alerts you of unauthorised attempts to gain access: employees just need to report instances where they’re asked for secondary authentication they didn’t ask for.
  4.  Increases Employee Productivity and Flexibility To promote online security, one is often encouraged to set stronger passwords and regularly update them. However, this leads to the likelihood of forgetting passwords and having to reset them, which takes time and can be annoying. MFA lets users sign in, in whichever way suits them, be it via a fingerprint scan or a single-use code generated by an authenticator app. It also enables secure remote access to the company network, which means employees can work securely from home or while travelling.
  5. Assists with Compliance Laws, such as the Protection of Personal Information Act (POPI Act), require organisations to have strong authentication processes in place, particularly if they handle and store sensitive data like personal addresses. By securing your online documents, MFA ensures you’re compliant with the laws of the country. With all these benefits, setting up MFA is definitely worth it. It’s also so easy to use!