• AWS is introducing centralized security controls to help business

    From TechnologyDaily@1337:1/100 to All on Wednesday, November 20, 2024 16:00:05
    AWS is introducing centralized security controls to help businesses adopt MFA

    Date:
    Wed, 20 Nov 2024 15:48:17 +0000

    Description:
    AWS is introducing central management for root credentials to minimize malicious use and the burden on security teams.

    FULL STORY ======================================================================AWS is introducing a central management tools to AWS Organizations The tool will allow security teams to manage root user access Root sessions are also being introduced for short-term root access

    AWS Identity and Access Management is helping businesses boost multi-factor authentication (MFA) adoption and organizational security by introducing a centrally managed security feature.

    The tool will help organizations and security teams manage root credentials and root sessions through AWS Organizations.

    AWS hopes the tool will help reduce the risk of lateral movement and
    privilege escalation in the event of a cyberattack, while also making day to day security easier and scalable. Boosting MFA and account security

    AWS has taken several steps recently to enhance account security, initially introducing MFA for management account root users before launching FIDO2 passkey support which resulted in a 100% increase in MFA adoption for AWS Organizations users with more than 750,000 AWS root users enabling the phishing-resistant authentication method.

    Now, security teams will also be able to remove long-term root credentials to prevent them from being abused, and will also stop them from being recovered and used maliciously.

    This will improve the security posture of our customers while simultaneously reducing their operational effort, the blog post stated.

    The centralized management tool will also allow security teams to create accounts without root credentials, making them secure-by-default and removing the need for additional security measures. The tool will also assist with compliance-related issues by allowing security teams to closely monitor and remove long-term root credentials.

    As an additional preventative measure against the misuse of root credentials, AWS is also introducing root sessions that provide short-term access for specific tasks and actions, relying on the principle of least privilege to minimize the possibility of malicious use.

    Root sessions will also reduce the burden on security teams by helping them adhere to AWS best practices, and perform privileged root actions from a single central dashboard, rather than having to manually log in to each user account.

    Central root account management is available through IAM console, AWS CLI or AWS SDK, with additional details for obtaining root credentials on the AWS blog . You might also like Take a look at the best password managers Here is our guide to the best endpoint protection Apple says Mac users are being targeted by dangerous zero-day attacks, so update now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/aws-is-introducing-centralized-security-controls -to-help-businesses-adopt-mfa


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)