@James Blackwell
Thank you for your post!
If you don't have an Azure AD P1 license, you can definitely leverage security defaults within Azure Active Directory to enable MFA, this'll take you through a similar process as your Hotmail account. Security defaults is a set of basic identity security mechanisms recommended by Microsoft. To set up authentication with an Authenticator app, you can Set up the Microsoft Authenticator app from the Security info page, or leverage your own 3rd party authenticator app.
If you have an Azure AD Premium P1 license, you can also leverage Conditional Access Policies to enable MFA within your Azure tenant. Customers with Microsoft 365 Business Premium licenses also have access to Conditional Access features.
If you have any other questions, please let me know.
Thank you for your time and patience throughout this issue.
----------
Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.