Enabling MFA

You can enable multi-factor authentication (MFA) in Parallels DaaS using Microsoft Entra ID (Azure AD). When users sign up to Parallels DaaS User Portal, they will be prompted to complete MFA. For additional security, Parallels DaaS assigns users to virtual machines “just in time”, thus preventing unauthorized access.

To enable MFA in Microsoft Entra ID:

1. Navigate to the Microsoft Azure portal at https://portal.azure.com.

2. Go to Microsoft Entra Conditional Access.

1. Select Create new policy.

1. Specify a name and assign the policy to a group of users. Its recommended to test the effects of the policies on a limited set of users before enabling it for all users.

2. Set Target resources to include your Parallels DaaS app registration (or all cloud apps) and exclude Azure Windows VM Sign-In. (It might be visible under other names such as: Microsoft Azure Windows Virtual Machine Sign-in, but can always be found using the GUID: 372140e0-b3b7-4226-8ef9-d57986796201)

1. Go to Grant, and select Grant Access.

2. Enable Require multifactor authentication.

3. Choose Select.

1. Enable the policy and click Create.

Depending on your organization's preferences, policies can be tailored to your specific needs.