Have a Metric that checks for licensed users for MFA disabled. Using the existing metric pulls all users in management console. Having it set to licensed accounts would be more useful. Using current metric uses a count rather than username so it cannot be filtered out for accounts by name.