Do you have the correct MFA settings in your conditional access policy?
Fortunately, the realization and necessity to use MFA has penetrated many administrators. But are the settings set via a conditional access policy the correct settings? At a number of organizations I have now come across that have a single conditional access policy configured where users are members of a security group when logging in must…