Whilst you need to ensure that there is always at least 1 account that is a member of the Admin role (via a group), it does not need to be the default Admin user account that is shipped with the product. The issue is that this is a basic authentication account.
Provided their is a valid account who has the Admin role, it should be possible to delete or deactivate the basic Jedox Admin user.
Implicitly the new "Admin" user could then be secured via a 3rd party authentication provider where MFA could be enabled.
Furthermore, I would like to add, that it there is currently no possibility to add in the cloud environment (with Azure Authorization) a "true" admin user. In order to maintain access rights, the respective admin must be member of the built-in admin group. Any other user group with admin role rights is not sufficient, only the user group "admin" is able to see and manage internal databases. Therefore, it is not possible to define a user or user group in Azure, which would be able to completely administrate access rights. (unless you create an azure group named "admin", which is not a realistic option).