Update MS.AAD.3.3v1 Policy name and description now that the policy has been decoupled with MS.AAD.3.1v1 #1584
Assignees
Labels
baseline-document
Issues relating to the text in the baseline documents themselves
Milestone
Comments
ahuynhMITRE
added
the
baseline-document
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
💡 Summary
What is the work, as a high-level summary?
Rego checks were updated to test MS.AAD.3.3v1 with authenticator found in issue #1484, as a result the policy has been decoupled from MS.AAD.3.1v1 and needs to update the policy and description.
Motivation and context
Why does this work belong in this project?
This would be useful because the baseline policy needs to be aligned with the implementation of the new rego checks.
Implementation notes
New policy name:
If Microsoft Authenticator is enabled, it SHALL be configured to show login context information.
New policy description:
Rationale: This policy helps protect the tenant when Microsoft Authenticator is used by showing user context information, which helps reduce MFA phishing compromises.
Acceptance criteria
How do we know when this work is done?
The text was updated successfully, but these errors were encountered: