Microsoft Partners need to ensure they utilise Multi-Factor Authentication (MFA) as a minimum to prevent any potential vulnerability to cyberattacks that can lead to VMs being set up to run cryptocurrency mining on their Azure accounts, as well as have multi-factor authentication turned on for anyone that has access to Azure Resource Manager.
► CSP partners need to keep Microsoft user accounts, security and sign-ins up to date
► Turn on MFA as a bare minimal security protection
► Turn on Azure Cost Manager and set budget alerts
► Together these can help protect against crypto fraud
For this reason, it’s important for partners to delete anyone who has left the business or changed roles from Azure Resource Manager and ensure that any user that has access to Azure Resource Manager has multi-factor authentication (MFA) turned on. These two defences will help protect you from potential fraud attacks. It is key to enforce MFA for both your users and your end users – anyone that has access to Azure Resource Manager. Should hackers manage to get into the Azure tenant via one of these gaps in security they can potentially start cryptocurrency mining which will cause large bills for you and your end user. As MFA is a default security feature within Azure Cost Manager and MFA is a requirement for being on the CSP programme Microsoft are not taking the hit on this fraudulent activity.
Here at TD SYNNEX we have been reaching out to partners who do not have Microsoft’s default MFA turned on for their Azure tenants and have set Azure consumption flags on your subscriptions to try and spot any unusual activity. These alerts may not always mean there is a problem, but it will be important to check them out, as it enables you to take immediate action to determine whether the behaviour is legitimate or fraudulent, should this happen to one of your subscriptions we will reach out to you. This is course is a reactive measure, to be proactive it is important to control the users that have access to your Azure tenant have the correct security measures in place to protect everyone.
There are other measures such as Granular Delegated Admin Privileges (GDAP) find out more info here – Granular Delegated Admin Privileges (GDAP) in Cloud Solution Provider (CSP) (office.com)
Contact the Team
If you want to know more about this, or any other aspect of the Microsoft CSP programme, please contact the specialist Microsoft CSP team at TD SYNNEX – just complete and submit the form below
Read more of our latest Cloud stories
