I have been using Amazon Web Services (AWS) for a while but as a security guy always complaining about security issues. Today I wanted to thank AWS (and gemalto) for the AWS Multi-Factor Authentication (MFA). I have been using it for 6 months now and it really solved one my worst fears with the authentication to the administration console. Btw, I am not a AWS console fan but I’m using it due to the MFA.
It is really easy to configure and use like any other authentication token. Of course, you have to keep it with you and when your session timeouts, you’ve to enter a new code: this is the little price to pay for security.
Passwords are not safe and they are kept on the browser (or post-it) and authentication tokens really solve this problem. I do not have to remind you what kind of harm can someone do with access to your administration console. Ideally I would love to use it to protect all my amazon accounts information, even when I buy a new book but here I can cope with the risk.
So, let’s expect that AWS will provide simple solutions for simple security issues, and I will end with just two:
-log information about cloud usage
-access control to be able to limit the privileges of users (of course linked with MFA)