Advice from NCSC (the National Cyber Security Centre) is that organisations should use MFA where practicable, and this is the direction in which the academic community is moving.
In September 2019 a report commissioned by the University recommended that IS move forwards with a full assessment of Microsoft Azure's MFA capability in relation to Microsoft 365 access.
This project will investigate conditional access and multi factor authentication (MFA) on Office 365/Azure, in order to move towards university-wide use of conditional access and MFA.
There is an existing project (COM051), which will deliver MFA for a very small number of privileged accounts, and will help inform the user experience for this new project.
The project will be split into two phases:
In Phase 1 we will investigate what is realistic and practicable for IS to implement now and will deliver a range of options to the Project Sponsor.
In Phase 2 we will implement the approved option(s).
Current project status
| Report Date | RAG | Budget | Effort Completed | Effort to complete |
|---|---|---|---|---|
| August 2021 | BLUE | 182.0 days | 173.0 days | 0.0 |