TechnologyTop Stories
IFM_AWS

AWS rolls out centralised security tool for root credentials

AWS Identity and Access Management is playing a crucial role in encouraging businesses to adopt MFA more widely and improve their security posture by introducing a centralised security feature.

Amazon Web Services (AWS) Identity and Access Management is playing a crucial role in encouraging businesses to adopt multi-factor authentication (MFA) more widely and improve their security posture by introducing a centralised security feature.

This feature will enable organisations and their security teams to monitor and manage root credentials and root sessions within AWS Organisations.

AWS believes that this tool will diminish the potential for lateral movement and privilege escalation in the aftermath of a cyberattack, simultaneously making routine security tasks more manageable and scalable.

AWS has been actively working on strengthening its security measures, commencing with the implementation of MFA for management account root users. Following this, AWS introduced FIDO2 passkey support, resulting in a substantial boost in MFA adoption among AWS Organisations users, as over 750,000 root users embraced the secure, phishing-resistant authentication method.

Security teams can now eliminate prolonged root credentials to prevent their misutilization, and prevent their recovery and subsequent harmful utilisation.

“This will improve the security posture of our customers while simultaneously reducing their operational effort,” the blog post stated.

With the implementation of a centralised management instrument, security personnel can establish accounts without the need for root credentials, thereby providing a default secure setting and obviating the requirement for extra security precautions.

Additionally, this tool assists in handling compliance concerns by enabling close monitoring and subsequent removal of extended root credentials.

In all three paraphrases, the main idea is that AWS is introducing ‘root sessions’ as an additional security measure to prevent the misuse of root credentials, by providing short-term access for specific tasks and actions, and relying on the principle of least privilege to minimise the risk of malicious activity.

These sessions will also make it easier for security teams to follow AWS best practices and perform privileged root actions from a single central dashboard.

Related posts

Go Green with GBO: Sustainable luxury travel becomes new buzz in tourism sector

GBO Correspondent

ADNOC signs sales agreement with UAE firms

GBO Correspondent

3air to solve Africa’s broadband problems by leveraging blockchain technology

GBO Correspondent