It has proven ineffective and is not recommended for the modern IT environments especially when authentication flows are exposed to the internet as is the case for Office 365. Terms & Definitions Authentication Methodsīasic Authentication, in the Office 365 suite, is a legacy authentication mechanism that relies solely on username and password. This information is based on internal research performed by the Okta security team and does not constitute a replacement for Okta documentation addressing Office 365 configuration for Okta. This document covers the security issues discussed above and provides illustrative guidance on how to configure Office 365 with Okta to bridge the gap created by lack of MFA for Office 365. It has become increasingly common for attackers to explore these options to compromise business email accounts. However, Office 365 uses several authentication methods and access protocols, including options that do not support MFA in their authentication flow. Okta’s customers commonly use a combination of single sign-on (SSO), automated provisioning, and multi-factor authentication (MFA) to protect their Office 365 tenants against the aforementioned attacks. The most commonly targeted application for these attacks is Office 365, a cloud business productivity service developed by Microsoft. They continuously monitor and rapidly respond to these attacks to protect customer tenants and the Okta service. Okta’s security team sees countless intrusion attempts across its customer base, including phishing, password spraying, KnockKnock, and brute-force attacks.
Most of these applications are accessible from the Internet and regularly targeted by adversaries. As the leading independent provider of enterprise identity, Okta integrates with more than 5500+ applications out-of-the-box.
0 kommentar(er)
