snikch

Recently I started getting prompted to login to Microsoft for SSO a lot more - like 10 times a day. When I questioned IT I got the following response. I'd like to respond with actual data as to why this is backwards progress, but I don't know where to find useful resources. Does anyone have any useful links to modern corporate security practices that may be helpful?

> I’ll address your concerns.

>We want sessions to time out. This is a security measure we implemented so if a machine is left unattended or stolen no one can just open something and be logged in.

> Yes, the method has changed for the authenticator. Its another layer Microsoft has pushed entering the number now.

> We cannot roll back these changes.

> If you are authenticating multiple times a day it’s a good thing, as frustrating as it may seem that is the security working - it keeps you, the data, the company safe. If it helps on average, I authenticate 25 to 30 times a day.

> Hope this lessens the frustration, if we could and the internet was a safer place we wouldn’t have to these protocols in place.