Prompt CSP partners to enable a security policy
Appropriate roles: Security Administrator | Security Reader | Admin Agent
Applies to: Partner Center direct-bill partners and indirect providers
Microsoft Cloud Solution Provider (CSP) partners are required to enable a security policy that mandates multifactor authentication (MFA) for all users by enabling either a security defaults or Conditional Access policy.
Enabling a security policy that turns on MFA for all users helps protect your organization from identity-related attacks that are common in today's environments, like password spray, replay, and phishing.
Microsoft is making these preconfigured security settings available to everyone, because we know that managing security can be difficult. Based on our learnings, more than 99.9% of those common identity-related attacks are stopped by using MFA and blocking outdated authentication. Our goal is to ensure that all organizations have at least a basic level of security enabled at no extra cost through security defaults.
Check MFA posture
CSP direct-bill partners and indirect providers can check their tenant MFA posture by visiting the Security workspace in Partner Center:
- Sign in to Partner Center, and then select Security.
- Select MFA statistics.
- Review the MFA policy details information by scrolling down.
Important
If your security defaults or Conditional Access policy is currently disabled on your tenant, we recommend that you immediately contact your tenant's Security Administrator to enable a policy that mandates MFA for all users.
Enable a security policy
CSP partners who don't have a security defaults or Conditional Access policy enabled are prompted with a reminder to do so when they open any of the pages in the Security workspace. They can use the following instructions. It can take up to 24 hours for the data to reflect the policy configuration.
To learn how to enable a security defaults policy, see Security defaults in Microsoft Entra ID.
To learn how to enable a Conditional Access policy, see What is Conditional Access?.
You can learn more about the license requirements for a Conditional Access policy.
You'll continue to be prompted until your tenant is enabled with a security policy that mandates MFA for all users.
To learn more about the policies, their coverage, and how to enable them, see Multifactor authentication for Microsoft 365.