Protect Microsoft 365

Guarding the keys to your kingdom.

Microsoft 365 (M365) is one of the most widely used collaboration suites on the planet. M365 is your organization’s town square where appointments are held, business is discussed, plans are worked on, and all assets are stored. It’s the hub at the center of your professional kingdom. It is also an environment that needs to be guarded and kept safe. You can’t afford unauthorized access to M365. This is why robust modern authentication becomes so important. MFA 2.0 (multi-factor authentication) is the gatekeeper: the guard protecting the realm from unwanted intruders.

AuthN by IDEE is your defense against all credential phishing and password-based attacks (including adversary-in-the-middle or AiTM attacks), protecting your systems against account takeover. And here is how easy it is to integrate.

Discreet Authentication

With AuthN same-device MFA, your new login and authentication flow is smoother than Sean Connery’s James Bond! In fact, it is so discreet that you’ll barely notice it.

1. Users still visit the same URL, but they will be redirected to AuthN for login.
2. Then they are asked to unlock their device (however they usually do this, such as facial recognition, PIN, Windows Hello, Touch ID, or whatever it might be)!
3. As soon as users have unlocked their device, they are authenticated and logged in.

Microsoft x AuthN Integration in Just a Couple of Clicks!

Integrating Microsoft 365 has never been easier. With just a couple of clicks you can federate your domain with our simple and rapid no-code integration.

The only prerequisite is that you already have a Microsoft account with global admin privileges and an AuthN by IDEE account with admin access to the integration portal. Then you just follow these few quick steps.

Your Step-by-Step Guide

You’ll need to log in to the integrations portal and then follow these simple steps:

1. Click on “Add Integration” and select Microsoft 365.
2. Name your integration.
3. Go to “Service Provider Metadata” and enter your domain name.
4. Go to “federate your Domain Now” and click “Grant Access”.
5. In your Microsoft tenant account, click on “federate Domain”.
6. Click on “Okay” and save changes! You’re all done!

What Microsoft 365 Services are Supported?

Everything within your account is protected:

  • Microsoft Outlook
  • SharePoint, Exchange Online, OneDrive
  • Word, Excel, PowerPoint
  • Microsoft Teams
  • Microsoft Calendar
  • Microsoft Forms
  • Microsoft Chat

And everything else that is available beyond your login.

And yes, we also protect any legacy password-based systems.

AuthN by IDEE seamlessly integrates with on-premises LDAP or Active Directory (AD) through federation protocols. Thereafter, any application can be seamlessly accessed via MFA 2.0 and without passwords.

In addressing the needs of legacy systems reliant on passwords, AuthN by IDEE offers seamless integration with reverse proxy, Zero Trust Network Access (ZTNA), Secure Access Service Edge (SASE) and Virtual Private Network (VPN) solutions. By enforcing phish-proof Multi-Factor Authentication (MFA 2.0) prior to password entry, AuthN ensures robust security measures are in place. This approach guarantees that only authenticated users that have the appropriate access rights to the designated application, and that have successfully completed the MFA 2.0 process, are permitted to enter passwords and gain access, thereby fortifying system security comprehensively.

Choose an Authentication Method That’s Right for You

We highly recommend you use WebAuthn, which is the phish-proof, friction-free, same-device MFA method. However, you do have choices, and it is up to you. Supported authentication methods include:

  • WebAuthn
  • FIDO2 Security Key
  • PUSH
  • QR

WebAuthn offers the highest level of protection. We ensure that your digital identity is secure from phishing and password-based attacks throughout the entire lifecycle, which is why WebAuthn is our preferred and recommended option.

Device Requirements

WebAuthn works on any computer with a TPM chip (most machines from 2016 onwards have this) and on any smartphone with a secure enclave or secure element.

The following popular browsers are supported:

  • Microsoft Edge
  • Chrome
  • Safari
  • Internet Explorer 7 or higher

User Enrolment

Register A New Device in Seconds!

AuthN by IDEE ensures that only a trusted user can access a trusted service on a trusted device when the user is proven to be in control. User devices, therefore, must be registered. It only takes a few seconds for a user to register their device.

Here’s how it works in just a couple of clicks:

User enrolment is easy!

1. User goes to portal.office.com and signs in.
2. They will be redirected to AuthN by IDEE to set up their device.
3. The user simply unlocks their device, using facial recognition, PIN, Windows Hello, or fingerprint.
4. They will receive a secure magic link via email.
5. The user clicks on the link, which opens a new tab in the browser.
6. User clicks ‘accept’, at which point they have registered their device.

Now every time a user wants to login to their M365 account, they just unlock their device. That’s all.

Fallback Procedures

We don’t just eliminate credential phishing; we also eliminate the stress associated with account recovery!

No More Passwords. At All. Ever!

Passwords are phishable so we don’t use them. Ever. Our solution is end-to-end passwordless which means we will never ask users to create a password – not even for account recovery.

No More Phishable Back-up Recovery Methods

Because everything you need is already housed within the secure hardware of your registered device, there is no need for phishable backup Authenticator codes, or any fallback to passwords in case you need to recover your account. In the unlikely event that you do lose access to your trusted device (which is likely to be your work machine), you simply re-establish trust on your new one using secure identity proofing, or set up the new device from an existing device using transitive trust. Phew!

Reduce Account Recovery

Same-device MFA means no separate keys or tokens that can be misplaced. Kiss goodbye to expensive hardware replacements and reduce the many reasons to bother IT (hopefully they won’t get lonely)!

Frequently asked questions

How does a new user set up their PC on an Azure AD (Active Directory) federated domain when they do not have access to their mailbox?

For new PCs (Out-of-the-box experience) and/or Intune setup, admins can generate an Access Key from the Integration Portal or use Microsoft’s Temporary Access Pass (TAP) and provide it to the user so the user can set up their PC.

How can a user set up an additional device when he or she has already enabled one WebAuthn device?

The user needs to go to the device that is already set up and start adding an additional device from there. This is called Transitive Trust, and it ensures that a second device cannot be set up without the user’s approval.

What happens when I reset my account?

For security, all authenticator devices are deleted and access to the Integration Portal (if you are an admin) is removed. If you are an admin you will need to contact IDEE to regain access to the Integration Portal.

Updates & Maintenance

AuthN by IDEE is fully SaaS (Software as a Service). There is nothing to remember to keep up to date to remain secure. With no additional hardware or software of any kind there is no firmware or software to update – you are secure, all the time... Now that’s real peace of mind.

How We Protect Your Data

Actually… what data? AuthN by IDEE holds zero personally identifiable information (PII) about its users, which is one of the reasons why it is so secure! That said, we take security and privacy incredibly seriously. Privacy is our primary company value, and this is why we also go to enormous lengths to ensure we meet all the important standards and compliance regulations you would expect from a chief cyber security vendor.

GDPR Compliant

IDEE is fully GDPR compliant, meaning that we take your data seriously. Always.

ISO 27001

We are ISO 27001 certified.

SOC2 Type II

We are SOC2 certified.

Defense In-Depth

One layer is not enough. We employ layered security for every action.

Decentralized Credentials

Fully decentralized asymmetric keys stored inside the device security chip.

Strong Encryption

AES-256-Bit & ECC-512.

Did Somebody Say Compliance?

Rest assured, we are proud to say that the AuthN by IDEE technology is backed by all the important standards. Due to new and incoming legislation, this is especially important if you are based in Europe or the United States.

United States - EO 14028 & OMB M-22-09

This executive order outlines the mandate for all federal government agencies and civilian agencies in the federal government to use phish-resistant MFA. AuthN by IDEE goes one step further in offering phish-proof protection compliant with EO 14028 & OMB M-22-09.

Europe - The Digital Operational Resilience Act (DORA) - Regulation (EU) 2022/2554

DORA is new legislation aimed at increasing security in the financial sector in the EU and asserts that organizations will be obliged to “Implement strong authentication mechanisms, based on relevant standards.” AuthN by IDEE is fully compliant with DORA.

NIST (National Institute of Standards and Technology) Compliant

We are compliant with NIST’s digital identity guidelines (NIST SP 800-63).

FIDO2 Compliant

Expanding upon a FIDO2 compliant architecture, AuthN by IDEE is a strong zero-trust application of MFA. We do not trust blindly; all authentications are explicitly verified.

PSD2 Compliant SCA

Our MFA uses factors that supersede the PSD2 strong customer authentication requirement.

Based on Proven Technology

We leverage PKC, TPM/Secure Enclave, and strong encryption.

Transitive Trust

Ensuring a transaction can only be carried out on a “trusted service” by a “trusted device” coupled to a “trusted user” and authorized under the “user’s total control.”

Phish-Proof

AuthN by IDEE protects against every credential phishing and password-based attack, including adversary-in-the-middle (AiTM) attacks.

Support

It’s easy to find the support you need. Here are your resources:

Admin FAQ

Got questions? Well, the chances are that they may have been asked before, which is why we have a neat collection of the most frequently asked questions all in one place! Check it out!

Raise a ticket

Sometimes we just need a bit of technical support. Do you need to raise a ticket? No problem: head over to the service desk and tell us how we can help. We will get back to you quickly!

Report an incident

Is there something we should know about or maybe you just have some excellent feedback for us? Please use this form to report a security incident, vulnerability, or an improvement.

Video tutorials

Already an admin? Visit the Knowledge Centre for step-by-step interactive video tutorials. Looking for demo videos? Check our YouTube playlists.

The IDEE Blog

We discuss many topics on our blog, from authentication and cyber security to how our partners can build their business, along with featured guides and tools. Check it out!