policy name: two_factor_authentication_is_disabled_for_an_external_collaborator
severity: HIGH
An external collaborator’s two factor authentication is disabled. Turn it on in the collaborator setting, or globally in the account, to prevent any access without MFA.
Collaborators without two-factor authentication are prime targets for phising and social engineering attacks, as compromise only requires acquiring the collaborator’s password. This is doubly important for external collaborators, as these are identities that aren’t likely managed by you or your organization and may be easier to compromise.