- AWS has managed to enforce MFA for 100% of root users
- Achievement is a great advance for the AWS cloud platform
- More important security ads were made in Re: Inforce
Amazon Web Services (AWS) says that it has managed to obtain 100% of root users to enforce multifactor authentication in all types of accounts.
The news represents a significant milestone in the security position, and AWS fully fulfills its past commitment to enforce MFA for management and independent accounts with access to the root.
The Director of Information Security, Amy Herzog, made the announcement of milestones at the company’s AWS conference: Inforce Conference, stating: “I am very happy to say that we now have 100 percent of MFA application for roots users.”
AWS continues voluntary commitments
As I achieve on its own, this is important, but what makes it even more impressive is that the MFA Root User account mile is part of AWS volunteer commitments with the design initiative of the Cybernetics and Infrastructure Security Agency (CISA).
Multifactor authentication has become a key part of the safety structure of most organizations, offering a phishing verification method resistant to phishing that can stop an attacker on their tracks, even if they have their hands in a stolen username and password.
However, this was not the only significant security announcement made in Re: Inforce, since AWS also announced a new significant feature that has been added to the identity management and platform access center. Within the access analyzer, you can now verify which users have access to critical resources on a central board.
The AWS Security Center now offers notifications and signals classified by its importance to help security equipment first with the most pressing problems.
“For example, Security Hub can combine the threats of several stages detected by the detection of extended threats of Guardduty with other signals such as vulnerabilities, and prioritize critical security problems and help him simplify his general cloud security operations throughout his organization,” said Herzog.
In addition, the detection of extended threats of Guardduty now offers support for container -based applications that are executed in the Amazon Elastic Kubernetic Service.
AWS SHIELD has also been promoted with a new network safety director who seeks erroneous settings on the network that could be exploited during a distributed attack of SQL service denial or injection.
