AWS just hit a major cloud security milestone - and it could be a win-win for businesses everywhere
AWS reveals a cloud security gamechanger in its bid to keep customers safe.
- AWS has managed to enforce MFA for 100% of root users
- The achievement is a great advancement for the AWS cloud platform
- More major security announcements were made at re:Inforce
Amazon Web Services (AWS) says it has managed to get 100% of root users to enforce multi-factor authentication across all account types.
The news represents a significant milestone in security posture, with AWS fully meeting its past commitment to enforce the use of MFA for management and standalone accounts with root access.
Chief Information Security Officer Amy Herzog made the milestone announcement at the company's AWS re:Inforce conference, stating, “I'm so happy to say that we now have 100 percent MFA enforcement for root users.”
AWS continues voluntary commitments
As an achievement on its own, this is major, but what makes it even more impressive is that the 100% MFA root user account milestone is part of AWS’ voluntary commitments to the Cybersecurity and Infrastructure Security Agency (CISA) Secure By Design initiative.
Multi-factor authentication has become a key part of most organizations' security structure, offering a phishing resistant verification method that can stop an attacker in their tracks even if they’ve got their hands on a stolen username and password.
This wasn’t the only significant security announcement made at re:Inforce though – as AWS also announced some significant new feature that has been added to the platforms Identity and Access Management hub. Within the Access Analyzer, you can now check which users have access to critical resources on a central dashboard.
The AWS Security Hub now offers notifications and signals ranked by their significance to help security teams deal with the most pressing issues first.
“For example, Security Hub can combine the multi-stage threats detected by GuardDuty Extended Threat Detection with other signals like vulnerabilities, and prioritize critical security issues and help you simplify your overall cloud security operations across your entire organization,” Herzog said.
Additionally, GuardDuty Extended Threat Detection now offers support for container-based applications running on Amazon Elastic Kubernetes Service.
AWS Shield has also been boosted with a new network security director that looks for misconfigurations on the network that could be exploited during a distributed-denial-of-service attack, or SQL injection.
You might also like
- Take a look at my roundup of the best endpoint protection security software
- These are my top picks for the best business VPN
- AWS reveals European Sovereign Cloud to allay fears about US providers
