This is the second blog in a multi part series helping admins, service providers, consultants and security admins to check and achieve a level of security control in Office 365. Part 1 of this series covered the basic PowerShell commands for Authentication through CIS, here we will talk about ‘Audit’.

Microsoft engineers shared that 99.9% of compromised accounts forgot to turn on MFA. Despite so many warnings and proof of the efficacy of MFA, an M365 security report by Coreview reveals that 78% of M365 administrators do not have MFA activated. Isn't that crazy? It's not always perfect (phishing, social engineering and password brute-force attacks, device theft etc.); nevertheless, it is clearly better than not having it. However, if not implemented with care, it can create headaches for MSPs.