We went all in with MS for SSO because we were already paying for it with EM+S E3 licenses. All internal websites, external systems that allow SAML or OAuth2 integration.
Then, cyberinsurance asked for MFA for RDP. We added DUO for that, since there’s no way to get Azure MFA to work. We only give a DUO account to the less than 5% of employees that need it.
We went all in with MS for SSO because we were already paying for it with EM+S E3 licenses. All internal websites, external systems that allow SAML or OAuth2 integration.
Then, cyberinsurance asked for MFA for RDP. We added DUO for that, since there’s no way to get Azure MFA to work. We only give a DUO account to the less than 5% of employees that need it.