Hey Everyone,

Do you all have any go-to articles, information, or tactics you use to ensure the utmost security in user authentication, particularly in making sure the authenticator device is solely a method of secondary authentication?

I know there are other solutions like tokens, and so are the customers; however, it never fails; once one user receives something different, everyone wants something different.

With this user, I even gave them the following list and screenshot everything we can see about their device in the 365 tenants.

Things your organization can never see

Your organization can't see:

·         Calling and web browsing history

·         Email and text messages

·         Contacts

·         Calendar

·         Passwords

·         Pictures, including what's in the photos app or camera roll

·         Content of user created documents

Things your organization can always see

Your organization can always see:

·         Device owner

·         Device name

·         Device serial number

·         Device model, such as Google Pixel

·         Device manufacturer, such as Microsoft

·         Operating system and version, such as iOS 12.0.1

• Device IMEI

Ultimately, we give the customer whatever solution they need, but they typically have us advocate using the phone app.

Thanks!