You can add Multi-Factor Authentication (MFA) protection for clients accessing documents shared via FYI Collaborate.
Two Factor Authentication should be set up to a secondary device such as an authenticator phone app or to send a text to a mobile phone number. As the link to the document is sent to the same email as the link, this ensures security if the email has been compromised.
Important Notes:
- This is a configuration within Microsoft 365. FYI is therefore not able to provide support for any possible issues that relate entirely to external access via MFA.
- We recommend that your IT consultant is involved in the policy testing and configuration as the required changes relate to Microsoft 365 rather than to FYI.
- Your Azure administrator will need to configure the settings for external users:
- MFA will apply for all guest and external shared access.
- Clients will need to be educated on using either SMS for a text message sent to a mobile phone or on the Microsoft Authenticator app.
- We suggest that you should expect some support requests from your clients, such as occasionally having to reset the MFA settings for clients.
Refer to the following Microsoft help articles to assist with the setup.
- Tutorial: Enforce multi-factor authentication for B2B guest users.
First pass this to your IT consultant and discuss the pros and cons.
Note: When prompted "Cloud apps or actions" (steps 9 and 10 in the section "Create a Conditional Access policy that requires MFA" in the Tutorial) FYI have tested this with "All cloud apps" selected. Check with your IT consultant if they want to refine this.
- Common problems with two-step verification for a work or school account
- Download and install the Microsoft Authenticator app
- Add your work or school account to the Microsoft Authenticator app
- Add non-Microsoft accounts to the Microsoft Authenticator app.