Use the Conformity Knowledge Base AI to help improve your Cloud Posture

Enable Cloud Conformity Multi-Factor Authentication

Trend Micro Cloud One™ – Conformity is a continuous assurance tool that provides peace of mind for your cloud infrastructure, delivering over 750 automated best practice checks.

Risk Level: High (act today)
Rule ID: CC-002

Ensure that Multi-Factor Authentication (MFA) is enabled to secure your Cloud Conformity account by adding an extra layer of protection on top of your existing credentials (email address and password) in order to achieve stronger authentication. The Multi-Factor Authentication is a simple, yet efficient method of verifying your Cloud Conformity user identity by requiring an authentication code generated by an MFA device. We highly recommend that you use Multi-Factor Authentication every time you sign in to your Cloud Conformity account in order to secure the access to your resources and adhere to security best practices.

This rule resolution is part of the Conformity solution.

Security

Having an MFA-protected account represents the best way to safeguard your Cloud Conformity account against malicious users, as MFA adds extra security to the authentication process by forcing you to enter a unique passcode generated by an approved authentication device every time you sign in to your account.


Audit

To determine if your Cloud Conformity account is MFA-protected, perform the following actions:

Note: Checking MFA status using Cloud Conformity API is disabled for security reasons. The operation can be implemented only using the Cloud Conformity dashboard.

Using Cloud Conformity Console

01 Sign in to your Cloud Conformity account.

02 Navigate to Two-Factor authentication dashboard at https://ap-southeast-2.cloudconformity.com/user/mfa - for Sydney, Australia region, at https://us-west-2.cloudconformity.com/user/mfa - for Oregon, US region or at https://eu-west-1.cloudconformity.com/user/mfa - for Ireland, Europe region.

03 Inside the Two-Factor authenticationsection, check for any enabled MFA devices. If there are no MFA devices listed in this section, instead the Setup Two Factor Authentication nowbutton is displayed: https://goo.gl/ErXFpN, your Cloud Conformity account is not MFA-protected and the authentication process is not following security best practices.

04 Repeat steps no. 1 – 3 for each Cloud Conformity account that you want to examine.

Remediation / Resolution

To enable Multi-Factor Authentication (MFA) access protection for your Cloud Conformity account, perform the following:

Note 1: As example, this guide will use Google Authenticator as MFA device since is one of the most popular MFA virtual applications.
Note 2: Installing and activating a Multi-Factor Authentication device for a Cloud Conformity account using the API is not currently supported.

Using Cloud Conformity Console

01 Sign in to your Cloud Conformity account.

02 Navigate to Two-Factor authentication dashboard at https://ap-southeast-2.cloudconformity.com/user/mfa - for Sydney, Australia region, at https://us-west-2.cloudconformity.com/user/mfa - for Oregon, US region or at https://eu-west-1.cloudconformity.com/user/mfa - for Ireland, Europe region.

03 In the Two-Factor authentication section, click Setup Two Factor Authentication now to start the MFA device setup process.

04 Now install the AWS MFA-compatible application. The MFA application used for this conformity rule is Google Authenticator. This guide assumes that you have the application installed on your smartphone at this point, otherwise just follow these simple steps: https://goo.gl/cvl2Y.

05 Scan the QR code provided by Cloud Conformity using the Google Authenticator application and enter the authentication passcode generated by the application in the Authentication Code box, then click Verify to complete the setup process. If successful, the following message will be displayed: “Two-Factor has been successfully set up.”.

06 Repeat steps no. 1 – 5 to enable MFA-based access protection for other Cloud Conformity accounts.

References

Publication date Nov 17, 2017

Unlock the Remediation Steps


Free 30-day Trial

Automatically audit your configurations with Conformity
and gain access to our cloud security platform.

Confirmity Cloud Platform

No thanks, back to article

You are auditing:

Enable Cloud Conformity Multi-Factor Authentication

Risk Level: High