Cybersecurity is the central challenge of our digital age. Microsoft is committed to providing a trusted set of cloud services and platforms. We invest heavily in our technology, people and processes to help ensure that customers’ as well as partners’ data is private and protected from unauthorized access, both internally and externally.

We have noticed an increasing number of security breaches and fraud incidents in the industry. As our Cloud Solution Provider (CSP) program ecosystem grows, we are extending our secure application model and best practices to our partner ecosystem. We are introducing new mandatory security requirements that help protect our partners in the CSP program ecosystem, as well as customers, from potential security risks caused by unauthorized access to CSP capabilities in the partner center.

The new security requirements include:

1. Enabling a new secure application model to integrate with APIs in the partner center
2. Adopting and enabling Multi-Factor Authentication (MFA) to access CSP capabilities and APIs in the partner center

These requirements will enable all parties, including partners in the CSP program, control panel vendors and customers to better protect their infrastructure as well as customer data from potential security risks such as identify theft or other fraud incidents.

• Implementation due date: December 11, 2018
• Enforcement date: Partners who don’t meet these security requirements by February 4, 2019 will not be able to transact through APIs in the partner center.

 View this partner webinar to learn how you can meet the new requirements.