MFA Policies
To enforce additional security to all users that have access to Veeam Service Provider Console without enabling MFA for each of them one by one, you can apply MFA policy. MFA policy is a notification mechanism that allows you to prompt all users of your organization as well as managed companies to enable MFA.
Required Privileges
To perform this task, a user must have one of the following roles assigned: Service Provider Global Administrator, Service Provider Administrator.
Applying Policy
To apply MFA policy:
- Log in to Veeam Service Provider Console.
For details, see Accessing Veeam Service Provider Console.
- At the top right corner of the Veeam Service Provider Console window, click Configuration.
- In the configuration menu on the left, click Security.
- On the Multi-Factor Authentication tab, set Mandatory MFA usage for backup portal users toggle to On.
On the next authorization session, each user in the scope of an applied policy will be prompted to configure MFA by going through the Multi-Factor Authentication step of the Edit User wizard as described in the Modifying Own User Profile section.
Ignoring Policies
To ignore applied policies:
- Log in to Veeam Service Provider Console.
For details, see Accessing Veeam Service Provider Console.
- At the top right corner of the Veeam Service Provider Console window, click Configuration.
- In the configuration menu on the left, click Security.
- On the Multi-Factor Authentication tab, set the Mandatory MFA usage for backup portal users toggle to Off.
After you ignore MFA, each user in the scope of an ignored policy will be able to disable MFA manually by going through the Multi-Factor Authentication step of the Edit User wizard as described in the Modifying Own User Profile section.
Note: |
If the MFA policy for all resellers and companies is enabled by your service provider, you cannot disable the Mandatory MFA usage for backup portal users policy. |