Jump to content
  • Sign Up
×
×
  • Create New...

Recommended Posts

  • Diamond Member

This is the hidden content, please

This is the hidden content, please
Cloud MFA enforcement meets with approval

The cyber security community has reacted positively to

This is the hidden content, please
’s 4 November announcement that it will begin to enforce
This is the hidden content, please
(MFA) for millions of
This is the hidden content, please
Cloud users worldwide during 2025, with the move being described as a significant step forward in securing the wider digital ecosystem.

The enhanced policies, announced earlier this week

This is the hidden content, please
, will see mandatory MFA rolled out to every user who currently signs in with just a password.

“We will be implementing mandatory MFA for

This is the hidden content, please
Cloud in a phased approach that will roll out to all users worldwide during 2025. To ensure a smooth transition,
This is the hidden content, please
Cloud will provide advance notification to enterprises and users along the way to help plan MFA deployments,” said Upadhyay.

“We’ve been strong advocates for our MFA system for over a decade, and we’re here to help you with this important security upgrade. At

This is the hidden content, please
, we understand that you need flexibility and control when implementing new security measures. That’s why we’re rolling out mandatory MFA in phases,” he added.

The first phase, beginning this month, will see

This is the hidden content, please
begin to target unprotected users with more reminders and information on MFA in their
This is the hidden content, please
Cloud Console, specifically targeting the 30% of service users not already enrolled. This guidance will push organisations towards raising awareness and planning for MFA, as well as providing advice on testing processes and enablement.

From early 2025,

This is the hidden content, please
will begin to require MFA for all new and existing users who sign in with a password, with notifications and guidance on this appearing throughout the
This is the hidden content, please
Cloud Console, Firebase Console, gCloud, and other platforms. Those that wish to continue to use these tools will have no option but to enrol in MFA at this time.

Finally, by this time next year, MFA requirements will have been extended to all users who federate authentication into

This is the hidden content, please
Cloud. There will be a number of options available to meet this requirement – organisations may choose to enable MFA with their primary identity provider prior to accessing
This is the hidden content, please
Cloud, and work is ongoing to ensure there are standards and procedures in place to make this easier. Or users may wish to add extra layers of MFA through their
This is the hidden content, please
accounts, if they prefer to use
This is the hidden content, please
’s own system.

Mandatory MFA already successful for others

Introducing mandatory MFA for cloud services is very much an idea whose time has come, and

This is the hidden content, please
is not the only cloud giant to be making such moves – earlier in 2024, 
This is the hidden content, please
in the wake of a number of high-profile cyber attacks involving its users, and it has been in force across Azure since the beginning of October.

Meanwhile, open source community giant GitHub, which brought in compulsory MFA for select developers and projects in 2023, said it has seen an opt-in rate of 95% across code contributors who received the MFA requirement, and a 54% uplift in MFA adoption among all active contributors to projects that it hosts.

Mike Britton, CIO at 

This is the hidden content, please
, said
This is the hidden content, please
’s move was long overdue: “[MFA] is a foundational security service that should be 100% mandatory for all software and platform providers – especially for email, which continues to be the primary vector through which threat actors are launching advanced attacks.

“I believe that software vendors should provide MFA – and other core security services like SSO – to their customers as part of their standard baseline offering. We shouldn’t be monetising basic security capabilities and features in our product unless those features are cost prohibitive to provide without additional subscription fees, which is often not the case.”

Patrick Tiquet, vice-president of security and compliance at

This is the hidden content, please
, added: “
This is the hidden content, please
’s phased roll-out eases users into the new requirement, as MFA can be met with resistance due to perceived friction in user experience, especially when implemented abruptly.

“The multi-step plan, starting with console reminders and advancing to full enforcement, prioritises user adoption and minimises operational disruption with gradual transition to ease users into MFA – paving the way for smoother implementation and stronger compliance.

“However, organisations using 

This is the hidden content, please
 Cloud will also need to plan for implementation within their workforce. Employee training about the importance of MFA will be critical and tools like a password manager can facilitate adoption by securely storing and filling MFA codes.”

Anna Collard, senior vice-president of content strategy and evangelist at security training specialist 

This is the hidden content, please
, also praised
This is the hidden content, please
’s new policy, but said that MFA alone was no silver bullet.

“Effective security relies on a layered defence approach that combines multiple strategies to protect assets and data. Not all MFA quality is equal either, for example phishing-resistant MFA, such as those enabled by FIDO are a much better option than text-based or push-based MFA,” she said.



This is the hidden content, please

#

This is the hidden content, please
#Cloud #MFA #enforcement #meets #approval

This is the hidden content, please

This is the hidden content, please

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Vote for the server

    To vote for this server you must login.

    Jim Carrey Flirting GIF

  • Recently Browsing   0 members

    • No registered users viewing this page.

Important Information

Privacy Notice: We utilize cookies to optimize your browsing experience and analyze website traffic. By consenting, you acknowledge and agree to our Cookie Policy, ensuring your privacy preferences are respected.