Last week I ran a survey asking about multi-factor authentication (MFA) adoption. Of the hundreds of responses I had actually thought that we would see a clear majority adopting MFA. After all, we all know how important MFA (or 2FA if you prefer) is these days, with high profile breaches of online services causing exposure of usernames and passwords (sometimes encrypted, sometimes not).
Surprisingly, 55% of responses indicated that they do not use MFA at all in their organizations.
It's reasonable to assume that some of those 55% are not using any Office 365 or other cloud services at this time. However, due to the make up of the audience that was actually surveyed here, it seems more likely that a good portion of those 55% (not to mention the 20% who say they're using it for admins only) are using Office 365 in some capacity, have some reservations or obstacles preventing them from rolling out MFA to their user population.
So I'd like to get a discussion going and learn more about those roadblocks that you're facing. From my own work with customers I know this can be a wide range of technical and political reasons. If you're not using MFA today, please leave a comment below explaining what has stopped you deploying MFA so far.