Question: Sign in Risk policy for automatic mitigation

In looking at applying a sign-in risk remediation policy, our group had a question about the controls section. If an org does not yet have MFA rolled out to everyone and the control is “Require multi-factor authentication”… wouldn’t this increase the risk, as the theoretical bad guy who logged in now gets the MFA setup prompt and could step through MFA?

Edit: or does it work more like this: at every sign-in, risk is evaluated BEFORE a login is processed and, if the risk is at or above the threshold in the policy, the sign-in is stopped barring MFA?

