MFA, CSP and Customer requirements
This is probably a dumb question but, here it goes anyway.
Is there any requirement yet, that each customer in the CSP have their admin accounts set to use MFA? I have enabled MFA for our Partner Portal using Azure AD security defaults. Just wondered if I also need to go and set up Azure Active Directory baseline policies- Require MFA for admins within each customer? In our company, we have users who use the partner center, and other who log in directly as the customer's admin account. Any direction is appreciated.
AzureAD Security defaults will replcae baseline policies, if you have enabled the defaults the baseline policies are being removed and can never be used again.
The CSP Partner Security requirements apply to every user in your Partner tenant, not just those who use Partner Center (But AAD security defaulst take care of that).
If user can use Partner Center and have admin agent role, they can also access the customer tenant, generaly there is no need to use an admin account created in the customer tenant.
To the question if this is required for customer - no, this is mentioned in the FAQ
Are my customers subject to the partner security requirements?
No, it is not required that you enforce MFA for each user in your customer's Azure AD tenants. However, it is recommended that you work with each customer to determine how best to protect their users.
Get consultations form Technical Presales & Deployment services team via https://aka.ms/technicalservices