AWS is introducing centralized security controls to help businesses adopt MFA

News
By published

AWS wants to boost organizational security even further

AWS logo
(Image credit: Future / Mike Moore)
  • AWS is introducing a central management tools to AWS Organizations
  • The tool will allow security teams to manage root user access
  • Root sessions are also being introduced for short-term root access

AWS Identity and Access Management is helping businesses boost multi-factor authentication (MFA) adoption and organizational security by introducing a centrally managed security feature.

The tool will help organizations and security teams manage root credentials and root sessions through AWS Organizations.

AWS hopes the tool will help reduce the risk of lateral movement and privilege escalation in the event of a cyberattack, while also making day to day security easier and scalable.

Boosting MFA and account security

AWS has taken several steps recently to enhance account security, initially introducing MFA for management account root users before launching FIDO2 passkey support which resulted in a 100% increase in MFA adoption for AWS Organizations users with more than 750,000 AWS root users enabling the phishing-resistant authentication method.

Now, security teams will also be able to remove long-term root credentials to prevent them from being abused, and will also stop them from being recovered and used maliciously.

“This will improve the security posture of our customers while simultaneously reducing their operational effort,” the blog post stated.

The centralized management tool will also allow security teams to create accounts without root credentials, making them secure-by-default and removing the need for additional security measures. The tool will also assist with compliance-related issues by allowing security teams to closely monitor and remove long-term root credentials.

As an additional preventative measure against the misuse of root credentials, AWS is also introducing ‘root sessions’ that provide short-term access for specific tasks and actions, relying on the principle of least privilege to minimize the possibility of malicious use.

Root sessions will also reduce the burden on security teams by helping them adhere to AWS best practices, and perform privileged root actions from a single central dashboard, rather than having to manually log in to each user account.

Central root account management is available through IAM console, AWS CLI or AWS SDK, with additional details for obtaining root credentials on the AWS blog.

You might also like

Benedict Collins
Benedict Collins
Staff Writer (Security)

Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division), then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.

Read more
An abstract image of a lock against a digital background, denoting cybersecurity.
Building a resilient workforce security strategy
Concept art representing cybersecurity principles
“Everything starts with security" - AWS CISO on how making security simple can be the key to safety
1Password
Keep your company's passwords protected with 1Password Business Plan
Representational image of a shrouded hacker.
Getting to grips with Adversary-in-the-Middle threats
Cyber-security
The definitive guide to credential collaboration
Illustration of a hooked email hovering over a mobile phone
AWS misconfigurations reportedly used to launch phishing attacks
Latest in Pro
Isometric demonstrating multi-factor authentication using a mobile device.
NCSC gets influencers to sing the praises of 2FA
Sam Altman and OpenAI
OpenAI is upping its bug bounty rewards as security worries rise
Context Windows
Why are AI context windows important?
BERT
What is BERT, and why should we care?
A person holding out their hand with a digital AI symbol.
AI is booming — but are businesses seeing real impact?
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Dangerous new CoffeeLoader malware executes on your GPU to get past security tools
Latest in News
cheap Nintendo Switch game deals sales
Nintendo didn't anticipate that Mario Kart 8 Deluxe was 'going to be the juggernaut' for the Nintendo Switch when it was ported to the console, according to former employees
Three angles of the Apple MacBook Air 15-inch M4 laptop above a desk
Apple MacBook Air 15-inch (M4) review roundup – should you buy Apple's new lightweight laptop?
Witchbrook
Witchbrook, the life-sim I've been waiting years for, finally has a release window and it's sooner than you think
Amazon Echo Smart Speaker
Amazon is experimenting with renaming Echo speakers to Alexa speakers, and it's about time
Shigeru Miyamoto presents Nintendo Today app
Nintendo Today smartphone app is out now on iOS and Android devices – and here's what it does
iPhone 13 mini
The iPhone mini won't be returning, according to rumors – and you think that's a mistake
More about pro
Sam Altman and OpenAI

OpenAI is upping its bug bounty rewards as security worries rise
BERT

What is BERT, and why should we care?
Asus Ascent GX10 Rear

Asus's more affordable version of Nvidia's uber-popular Project Digits snapped at GTC 2025
See more latest
Most Popular
Asus Ascent GX10 Rear
Asus's more affordable version of Nvidia's uber-popular Project Digits snapped at GTC 2025
iPhone 13 mini
The iPhone mini won't be returning, according to rumors – and you think that's a mistake
Sam Altman and OpenAI
OpenAI is upping its bug bounty rewards as security worries rise
cheap Nintendo Switch game deals sales
Nintendo didn't anticipate that Mario Kart 8 Deluxe was 'going to be the juggernaut' for the Nintendo Switch when it was ported to the console, according to former employees
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Dangerous new CoffeeLoader malware executes on your GPU to get past security tools
Amazon Echo Smart Speaker
Amazon is experimenting with renaming Echo speakers to Alexa speakers, and it's about time
Isometric demonstrating multi-factor authentication using a mobile device.
NCSC gets influencers to sing the praises of 2FA
The cast of Black Mirror season 7
Everything new on Netflix in April 2025 – including Black Mirror season 7 and Love on the Spectrum
Witchbrook
Witchbrook, the life-sim I've been waiting years for, finally has a release window and it's sooner than you think
Businessman holding a magnifier and searching for a hacker within a business team.
Cloud streaming hoster StreamElements confirms data breach following attack