• deweydecibel
    link
    English
    41
    edit-2
    11 months ago

    Most companies now are being shepherded into Microsoft 365’s walled garden by their security teams. Edge is the only “secure” browser now, Teams the only “secure” chat app, Microsoft Authenticator (specifically Microsoft’s app, not DUO or anything else) is the only “secure” way to implement MFA, etc.

    It’s genuinely sad how many security professionals have been shanghaied into Microsoft salesmen.

    • @[email protected]
      link
      fedilink
      English
      6
      edit-2
      11 months ago

      We had IT people in at our shop to migrate us over to 365. They wanted me to install Microsoft Authenticator on my personal phone, so I said no. They were able to bypass MFA to sign me up.

      I asked them what would happen if someone didn’t own a smartphone (crazy I know), they had no answer for me. They basically just looked at me like I asked them the square root of pi.

      • AFK BRB Chocolate
        link
        English
        311 months ago

        That’s actually a problem where I work. There are people who carry a flip phone because they don’t want a smart phone. IT gives them a hard token for 2FA.