Amazon finally adds MFA to its enterprise email service

Isometric demonstrating multi-factor authentication using a mobile device.
(Image credit: Shutterstock)

Eight years on from its initial launch, Amazon has introduced multi-factor authentication (MFA) to its business cloud-hosted email service, WorkMail.

Better late than never appears to be the justification behind the near-decade delay, especially for one of the most basic forms of identity verification that has been standard practice for several years now.

However there are still hurdles to enabling MFA for WorkMail, as it will not be enabled by default and system administrators will have to manually add each user to the AWS Identity Center.

MFA at last

Amazon launched WorkMail as a competitor to Microsoft Exchange, and over the past years has built a modest customer base but still struggles to compete despite many businesses migrating to Amazon provided services and continuing to use Microsoft Exchange.

In late 2023, Amazon signed a $1 billion deal with Microsoft to provide Microsoft 365 licenses to one million of Amazon’s corporate and frontline workers, including Outlook.

In a response to questioning by TheRegister, an Amazon spokesperson said MFA was available for WorkMail through other methods, stating, “It was previously possible to configure MFA via AWS Directory Service, but setup was complex for customers and it only supported AWS-managed Microsoft ADs.”

“WorkMail continues to adhere to general security updates consistent with AWS standards, such as moving TLS minimum versions to 1.2, expanding audit logging support, and providing guidance to customers [on] how to implement overarching protections against a wide range of potential compromises,” the spokesperson said.

More from TechRadar Pro

TOPICS
Benedict Collins
Staff Writer (Security)

Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division),  then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.