January 17, 2015 1:00 AM
by Ed Blankenship
For several months now, we have been on the path of going through the many audits & initiatives to get the various set of compliance certifications for Visual Studio Online. The underlying infrastructure in Azure has been certified which really helps us tremendously but as a service on top of the infrastructure, Visual Studio Online still needs to go through the proper audits and the process. One of the things we wanted to do was make sure we were transparent with our data protection procedures, and Jeff Beehler wrote a great whitepaper that dives into the details if you are interested:
Dive into the details for how data is protected in Visual Studio Online here: http://t.co/pfmIwLeZLY— Ed Blankenship (@edblankenship) November 4, 2014
Dive into the details for how data is protected in Visual Studio Online here: http://t.co/pfmIwLeZLY
Additionally, Brian Harry announced yesterday that Visual Studio Online is past a significant milestone with receiving the ISO 27001 certification and adding the European Model Clauses to our service terms. This is really great and are public proof points of our internal data procedures. We will continue down that journey.
Yesterday, I was leading a briefing with one of our large enterprise customers in our Microsoft Executive Briefing Center here in Redmond and we talked a lot about data security. One of the things that was brought up was support for multi-factor authentication. I was really happy to mention to them that we do have support with Visual Studio Online for multi-factor authentication when using Azure Active Directory and two-factor authentication when you are using Microsoft Accounts.
In a nutshell, multi-factor authentication is “a security system that requires more than one form of authentication to verify the legitimacy of a transaction.” In the case of using Visual Studio Online, we want to have better mechanisms for verifying person who is logging in to participate in your source code, work item tracking, test cases, etc. With multi-factor authentication strategies, your team members not only need
Let’s take a step back, and look at the two options you can use for authentication & identity for user accounts in Visual Studio Online:
If you would like more information about how to setup your Visual Studio Online account to use the Azure Active Directory method from #2 above, we have a walkthrough available here: Manage Organization Access for Visual Studio Online.
Setting up two-factor authentication for your Microsoft Account is helpful to secure access to all of your Microsoft services like Skype, Outlook.com, OneDrive, XBox Live, and Visual Studio Online. Here’s an overview of the steps :http://windows.microsoft.com/en-us/windows/two-step-verification-faq
If you need to add or verify any security info before you can turn on two-step verification, Microsoft will prompt you with a few simple steps to do so.
The key to remember with this approach is that each of your team members will need to enable this for their accounts or you can take the approach to only enable it on your administrator accounts.
You can have the Microsoft Account system text you as the second authentication factor or you can use an app on your phone & computer to generate the temporary secure codes for you using QR Codes. One popular app is Google Authenticator. You can find many that follow the same standard that Google Authenticator including my personal favorite: Authy.
Authy has a clean interface and just works well with syncing with the phone app & my trusted computers. It works everywhere that Google Authenticator works.
There are several options included with Azure Active Directory. The overview on setting up multi-factor authentication for Azure Active Directory is a great place to start exploring the many options. You can then move on to the actual steps to enable multi-factor authentication.
One of the really nice things with this approach is that the administrator for the directory is able to specify which accounts require multi-factor authentication
By offering the following options, Azure Multi-Factor Authentication provides flexibility for users and backup options if users cannot pass authentication by using their preferred method:
Let us know if you have any other questions!
a@href@title, b, blockquote@cite, em, i, strike, strong, sub, sup, u
Hi! I am Ed Blankenship and a Product Manager at Microsoft for Visual Studio Online, Team Foundation Server, and the Application Lifecycle Management family of tools. I am an author of a few books, former Microsoft MVP of the Year, and a former ALM consultant.
Powered by Azure Websites
Site design by Jeremy Kratz