
AWS Implements Centralized Security Controls to Help Enterprises Adopt MFA


Photo: Future/Mike Moore


  • AWS Introduces Centralized Management Tools for AWS Organizations

  • The tool will allow security teams to manage root user access.

  • Root sessions are also introduced for short-term root access.


AWS Identity and Access Management helps enterprises accelerate the adoption of multi-factor authentication (MFA) and improve organizational security by implementing centralized security management.

This tool will help organizations and security teams manage root credentials and root sessions across AWS Organizations.

AWS hopes this tool will help reduce the risk of lateral movement and privilege escalation in the event of a cyber attack, while also making everyday security easier and more scalable.

Increase MFA and account security

AWS recently took several steps to improve account security, first introducing MFA for management account root users and then launching support for FIDO2 passkeys, which provide a phishing-resistant authentication method, resulting in a 100% increase in MFA adoption for AWS Organizations users with over 750,000 AWS root users.

Security teams will now also be able to remove long-term root credentials to prevent their abuse, and to prevent those credentials from being recovered and used maliciously.

“This will improve the security of our customers while reducing their operational effort,” the blog post said.

The centralized management tool will also allow security teams to create accounts without root credentials, making them secure by default and eliminating the need for additional security measures. This tool will also help resolve compliance issues by allowing security teams to closely monitor and remove long-term root credentials.

As an additional preventive measure against misuse of root credentials, AWS is also introducing “root sessions” which provide short-term access for specific tasks and actions, relying on the principle of least privilege to minimize the possibility of malicious use.

Root sessions will also reduce the burden on security teams by helping them adhere to AWS best practices and perform privileged root actions from one central control panel, rather than having to manually log into each user account.

Centralized root account management is available through the IAM console, AWS CLI, or AWS SDK. For more information about obtaining root credentials, see the AWS blog.
