Open menu
-->

Enable Cloud Conformity Multi-Factor Authentication

Cloud Conformity allows you to automate the auditing process of this resolution page. Register for a 14 day evaluation and check your compliance level for free!

Start a Free Trial Product features
Security

Risk level: High (act today)

Ensure that Multi-Factor Authentication (MFA) is enabled to secure your Cloud Conformity account by adding an extra layer of protection on top of your existing credentials (email address and password) in order to achieve stronger authentication. The Multi-Factor Authentication is a simple, yet efficient method of verifying your Cloud Conformity user identity by requiring an authentication code generated by an MFA device. We highly recommend that you use Multi-Factor Authentication every time you sign in to your Cloud Conformity account in order to secure the access to your resources and adhere to security best practices.

Having an MFA-protected account represents the best way to safeguard your Cloud Conformity account against malicious users, as MFA adds extra security to the authentication process by forcing you to enter a unique passcode generated by an approved authentication device every time you sign in to your account.

Audit

To determine if your Cloud Conformity account is MFA-protected, perform the following actions:

Note: Checking MFA status using Cloud Conformity API is disabled for security reasons. The operation can be implemented only using the Cloud Conformity dashboard.

Using Cloud Conformity Console

01 Sign in to your Cloud Conformity account.

02 Navigate to Two-Factor authentication dashboard at https://ap-southeast-2.cloudconformity.com/user/mfa - for Sydney, Australia region, at https://us-west-2.cloudconformity.com/user/mfa - for Oregon, US region or at https://eu-west-1.cloudconformity.com/user/mfa - for Ireland, Europe region.

03 Inside the Two-Factor authentication section, check for any enabled MFA devices. If there are no MFA devices listed in this section, instead the Setup Two Factor Authentication now button is displayed:

Setup Two Factor Authentication

your Cloud Conformity account is not MFA-protected and the authentication process is not following security best practices.

04 Repeat steps no. 1 – 3 for each Cloud Conformity account that you want to examine.

Remediation / Resolution

To enable Multi-Factor Authentication (MFA) access protection for your Cloud Conformity account, perform the following:

Note 1: As example, this guide will use Google Authenticator as MFA device since is one of the most popular MFA virtual applications.
Note 2: Installing and activating a Multi-Factor Authentication device for a Cloud Conformity account using the API is not currently supported.

Using Cloud Conformity Console

01 Sign in to your Cloud Conformity account.

02 Navigate to Two-Factor authentication dashboard at https://ap-southeast-2.cloudconformity.com/user/mfa - for Sydney, Australia region, at https://us-west-2.cloudconformity.com/user/mfa - for Oregon, US region or at https://eu-west-1.cloudconformity.com/user/mfa - for Ireland, Europe region.

03 In the Two-Factor authentication section, click Setup Two Factor Authentication now to start the MFA device setup process.

04 Now install the AWS MFA-compatible application. The MFA application used for this conformity rule is Google Authenticator. This guide assumes that you have the application installed on your smartphone at this point, otherwise just follow these simple steps: https://support.google.com/accounts/answer/1066447?hl=en.

05 Scan the QR code provided by Cloud Conformity using the Google Authenticator application and enter the authentication passcode generated by the application in the Authentication Code box, then click Verify to complete the setup process. If successful, the following message will be displayed: “Two-Factor has been successfully set up.”.

06 Repeat steps no. 1 – 5 to enable MFA-based access protection for other Cloud Conformity accounts.

References

Publication date Nov 17, 2017