Amazon Web Services (AWS) has reached a milestone by enforcing multi-factor authentication (MFA) for all root users across its platforms. During her keynote at the annual re:Inforce cloud security conference, AWS Chief Information Security Officer Amy Herzog proclaimed this achievement, highlighting the importance of MFA in preventing unauthorized access, as evidenced by incidents at Snowflake. This enforcement fulfills a commitment to security standards and supports the CISA Secure by Design pledge, ensuring enhanced protection for user accounts.
For anyone who still has doubts about MFA: just ask Snowflake CISO Brad Jones, who last year saw more than 160 of his customers' accounts compromised using stolen credentials. None of these had MFA enabled, and this safeguard likely would have prevented the intruders from accessing the customers' databases.
We were the first cloud provider to mandate the use of MFA for management and standalone accounts with root access. And with this step, I'm so happy to say that we now have 100 percent MFA enforcement for root users.
Collection
[
|
...
]