At our Dec. 5 IS town hall, Rick Stover, CTO and SVP of TEO, shared how single sign-on with multifactor authentication (MFA) is yet another facet of remote access and security that Azure will support for PSJH. He also mentioned how we’ll be testing tools like MFA via Azure SSO within IS to ensure they function smoothly before releasing them to other PSJH Shared Services groups and then to the wider enterprise – the practice known as “dog fooding.”
MFA is an authentication method in which a user is granted access only after successfully presenting two or more pieces of evidence (factors) to an authentication mechanism. A good example of multi-factor authentication is logging into an online bank account. Only the correct combination of UserID & PIN/password and verification of a security element allows access.
MFA was already enabled in both Okta environments (psjh.okta.com and stjoe.okta.com). However, now that we have completed the Okta to Azure transition and decommissioning of Okta on December 1, the next step is to enable Azure MFA, which will ensure the same level of security experienced in Okta. Azure MFA will be enabled for all Microsoft-authenticated applications, both web-accessed and mobile-accessed. Azure MFA for Microsoft authenticated applications on desktops will be applied at a later date.
IS rollout of Azure MFA within IS
- Browser-accessed applications – Sunday, December 8, 2019
- Mobile-accessed applications – Monday, December 16, 2019
Wider PSJH rollout of Azure MFA
- Browser-accessed applications within Shared Services – Early January
- Mobile-accessed applications within Shared Services – Early January
- Browser-accessed applications across PJSH – Late January
- Mobile-accessed applications across PSJH – Late January
Get ready
See this full overview of the coming changes to remote and mobile application access, including how to proactively set up your additional security factor, training resources, as well as more details of how our mobile applications policy will impact the caregiver experience with remote access applications.
More resources
Join one of the weekly Friday OneTeam Live! sessions to ask your questions about Azure SSO/MFA and other Microsoft Modern Workplace solutions.