|   Trend Micro Cloud One™
Open menu

Cloud Conformity user has signed in without MFA

Cloud Conformity allows you to automate the auditing process of this resolution page. Register for a 14 day evaluation and check your compliance level for free!

Start a Free Trial
Last updated: 15 September 2017
Risk level: Medium (should be achieved)
Rule ID: RTM-004

Cloud Conformity Real-Time Threat Monitoring and Analysis (RTMA) engine detected a user authentication session initiated without using MFA.

This rule can help you with the following compliance standards:


Multi-Factor Authentication (MFA) is a simple yet efficient method of verifying your Cloud Conformity user identity by requiring an authentication code generated by a MFA device. MFA adds an extra layer of protection on top of your existing credentials (email address and password) in order to ensure stronger authentication.

We highly recommend that you use Multi-Factor Authentication every time you sign in to your Cloud Conformity account in order to secure the access to your resources and adhere to security best practices.


Monitoring the access to your Cloud Conformity account for intrusion detection in real-time is essential for keeping your account safe.

If the email account used to register with Cloud Conformity gets compromised, the malicious user can gain access to the information (metadata) associated with your Amazon Web Services infrastructure. The attacker cannot obtain direct access to your AWS resources but he/she can gather useful information about your AWS environment and use it to plan elaborate attacks such as phishing attacks, scamming or social engineering attacks on any of the AWS account(s) linked to your Cloud Conformity identity.

Having an MFA-protected Cloud Conformity account represents the best way to safeguard your AWS resources and services metadata against malicious users, as Multi-Factor Authentication adds extra security to the authentication process by forcing you to enter a unique passcode generated by an approved MFA authentication device every time you sign in to your Cloud Conformity account.


Publication date May 24, 2017

Unlock the Remediation Steps

Gain free unlimited access to our full Knowledge Base

Over 600 rules & best practices for and

Get started for FREE

A verification email will be sent to this address
We keep your information private. Learn more.

Thank you!

Please click the link in the confirmation email sent to

You are auditing:

Cloud Conformity user has signed in without MFA

Risk level: Medium