Secure Authentication 2FA Update
Back in 2018, MYOB introduced secure authentication using a two-factor authentication method (2FA) for MYOB Advanced customers. An enforcement date was originally set to help customers reach security compliance, however, this date has shifted several times to allow customers to prepare and set up their authentication. !The enforcement date has been shifted again to the31st of March 2024 for sites on older versions below 2022.121.301 we have alsothe enforcement date in the latest versions (2022.121.301 and above). In version 2022.121.301 and above the Enforcement date field was replaced with a new Enforce Secure Authentication checkbox empowering our customers to manage this feature themselves. At the same time, we also removed sign-up banners and dialogues informing users of upcoming changes. Learn more about this change in our release notes To assist in clarifying the differences between versions, see the table below: Site version Current state Notes Next steps Versions below 2022.121.301 Current enforcement date: 31 March 2024 No immediate action required Upgrade to a fix version prior to 31 March 2024 This can be achieved through the scheduled upgrade windows or by request if an earlier date is required. Versions 2022.121.301.3266-dev 2022.121.302.3452 2022.121.400.3744 2022.205.100. 3024 2022.205.101.3268 2022.205.102.3844 Checkbox to Enforce Secure Authentication has been applied We have identified the below issue related to these versions where you are unable to register (opt-in) individual users for 2FA. Upgrade to a fix version. There are no date restrictions for the enforce secure authentication checkbox. This can be achieved through the scheduled upgrade windows or by request if an earlier date is required. Issue When sites have Enforce Secure Authentication unchecked individual users are unable to register for 2FA Steps to replicate Log in to the site as a new or existing user. Try to sign up for MYOB Secure Authentication (2FA) without Enforce Secure Authentication checked Solution A hotfix will be released soon, the fix will be deployed from July 2023 onwards. Sites that require this fix earlier than their regular scheduled upgrade can request an earlier upgrade window. Please contact angela.maxwell@myob.com for early access. Workaround Option 1: Enforce Secure Authentication for all users (Security preferences SM201060) OR Option 2: Direct Users to go to their User Profile, into the External Identities Tab, click on the MYOB row, and click the Associate ID button Open User Profile Open External Identities Tab Check if MYOB line has an "Active" tick, this only works if it is ticked active. Click the Associate User button Option 2only works if the user is already "active" for MYOB Secure Authentication. If they do not have an active tick in the box, you need to follow Option 1. Next Steps Start discussing secure authentication with customers and how they would like to proceed. For those customers wanting to turn on secure authentication for individual users check the site version, they will need to be on the hotfix version or higher to enforce authentication successfully. Best regards, Jean Fulop Senior Product Manager117Views0likes0Comments2FA Enforcement Date
IMPORTANT - MUST READ In our March Azure AD Enablement Webinar, we announced that two-factor authentication (2FA) will be enforced by June 30, 2023. On review, we made a change in the latest release (2022.2 & 2022.1.301) wherethe "Enforcement Date" field has been replaced by an "Enforce Secure Authentication" checkbox. Learn more about this change in our release notes here –2022.2.101&2022.1.301. Customers on older versions will still have the enforcement date reflected as 30 June 2023. To assist in managing the change MYOB will extend this enforcement date for all sites reflecting 30 June 2023 now set to 31 March 2024. This date change will take effect today with no impact on customers. Next steps Customer sites will need to upgrade to a version that enables the checkbox, this will occur during their scheduled major upgrades to 2022.2 and above. Sites not scheduled through July or August will be scheduled to a hotfix window in August to receive a hotfix upgrade containing the change to a checkbox. Details of the deployment window to follow soon. What does this mean? The tenant administrator will have full control of when this feature is made mandatory for all UI users (except MYOB Admin) where they are required to sign up with the MYOB Identity provider. Things to be aware of To maintain compliance with the DSP framework, wemustenforce Secure Authentication and any two-factor authentication (2FA) requirements outlined by the ATO. All changes to this field are audited for review of the noted compliance, and extra restrictions may be applied to ensure only certain personnel can modify this configuration. Best regards, Jean Fulop Senior Product Manager