Passwords have long been a target for cybercriminals since they became necessary for switching between users on computers, validating a simple but important security layer. Passwords are typically weak enough to be susceptible to brute force attacks, or too complex to easily remember. Even password generators and password management tools like LastPass have not been bulletproof solutions, and have commonly been targets for hackers looking to exploit this sensitive information.
In fact, 81% of hacking-related breaches in 2017 leveraged either stolen and/or weak passwords, making this one of the most popular breach tactics used by cybercriminals.
Given the increase in these kinds of exploits, it’s clear that a password best practices methodology isn’t enough to secure your cloud environment. Organizations need to enable multi-factor authentication (MFA) as an additional, critical measure as part of their security approach. MFA adds a key security layer to user-generated passwords that help keep you and your organization secure. It allows your resources and security to remain focused on enabling your business, instead of dealing with the repercussions.
Here at Lacework, we automate cloud security by checking your AWS resources against security best practices, alerting you on deviations from best practices. One of these key best practices is enabling MFA for all IAM users that have a console password. This best practice can also be found in the Center for Internet Security (CIS) benchmarks for AWS.
To learn more about how we seamlessly automate cloud security on AWS, try it for free in your own environment to validate your security configuration. You’ll get an assessment and audit for security best practices, along with an interactive report with detailed information on how to fix violations around MFA open S3 buckets and more.