Tech Thursday: How to Enable Multi-Factor Authentication in Office 365

Tech Thursday: How to Enable Multi-Factor Authentication in Office 365

Last week we covered why enabling multi-factor authentication is so important. With password misuse and credential stuffing attacks a common occurrence, it’s more urgent than ever to enable multi-factor authentication (MFA) to protect your company’s data.

Microsoft has made it simple for Office 365 subscribers to use MFA. With proper planning and good communication you can successfully implement Microsoft’s multi-factor authentication for Office 365 in your organization.

Plan your deployment

Office 365 gives you granular control over how you roll out MFA. Identify users that have access to sensitive or high-risk data, and make these a priority. Your admin accounts should be at the top of your list; if they get breached, an attacker could easily gain access to all your company’s data.

If your company uses Office 2016, adding MFA will be a seamless experience. If you’re using Office 2013 or other products in conjunction with Office 365, you may need to check other prerequisites.

it’s a good idea to enable MFA for a test group first. In smaller organizations, this might only be yourself. This will help you to see any pain points that users might experience.

Communicate clearly with your workers what they can expect to happen before you enforce MFA. Since each user will need to enroll in MFA once you enable it, send them a guide or Microsoft’s official documentation on how to set it up. Establish a specific time to make the change. This will ensure as smooth a deployment as possible. Also, consider adding your MFA documentation to your new employee onboarding process so that new user accounts are protected from day 1.

Deploy MFA for individual accounts

Open the Office 365 Admin Center

Navigate to Users > Active Users

Under the More menu, select Setup Azure multi-factor auth.

Select the check box for each user to you’d like to enable MFA for.

Under the quick steps menu, select Enable.

A dialog box will open, select enable multi-factor auth.

Deploy MFA by Bulk Upload

If you want to enable hundreds or thousands of users for MFA at one time, use the bulk upload option.

Create an Excel document with two columns, Username and MFA Status.

Under the username column, add the full login name for each user: juser@yourcompany.com.

Under MFA Status, enter “Enabled” (without quotes) on each line.

Save the spreadsheet as a CSV. Go to File > Save As > Browse > Save as type: > CSV (Comma delimited)

Open the Office 365 Admin Center

Navigate to Users > Active Users

Under the More menu, select Setup Azure multi-factor auth.

Select bulk update.

Click Browse for file and then Open the file you created in the proceeding steps.

Select Next and Next again after the file has been checked.

After the process finishes, select Done.

Evaluate results

After deploying MFA to your organization use the Setup Azure multi-factor auth page to review which users haven’t finished enrolling. If their status is Enabled, they still need to complete the registration steps.

Enabling MFA in Office 365 is one of the best ways to protect your organization against data breaches. Having a prepared rollout plan will ensure a smooth process for your end users and better security for your company.