Conformity user has signed in without MFA

Trend Micro Cloud One™ – Conformity is a continuous assurance tool that provides peace of mind for your cloud infrastructure, delivering over 750 automated best practice checks.

Risk level: Medium (should be achieved)
Rule ID: RTM-004

The Cloud Conformity Real-Time Threat Monitoring and Analysis (RTMA) engine detected a user authentication session initiated without using MFA.

This rule can help you with the following compliance standards:

Security

Multi-Factor Authentication (MFA) is a simple yet efficient method of verifying your Cloud Conformity user identity by requiring an authentication code generated by an MFA device. MFA adds an extra layer of protection on top of your existing credentials (email address and password) in order to ensure stronger authentication.

We highly recommend that you use Multi-Factor Authentication every time you sign in to your Cloud Conformity account in order to secure the access to your resources and adhere to security best practices.

Rationale

Monitoring access to your Cloud Conformity account in real time is essential for detecting intrusions and keeping your account safe.

If the email account used to register with Cloud Conformity gets compromised, the malicious user can gain access to the information (metadata) associated with your Amazon Web Services infrastructure. The attacker cannot obtain direct access to your AWS resources, but they can gather useful information about your AWS environment and use it to plan elaborate attacks such as phishing, scamming or social engineering attacks on any of the AWS account(s) linked to your Cloud Conformity identity.

Having an MFA-protected Cloud Conformity account represents the best way to safeguard your AWS resources and services metadata against malicious users, as Multi-Factor Authentication adds extra security to the authentication process by forcing you to enter a unique passcode generated by an approved MFA authentication device every time you sign in to your Cloud Conformity account.

Publication date May 24, 2017
