ShtëpiMenaxhimi i riskutGoogle Cloud will require Multifactor Authentication by 2025

Google Cloud will require Multifactor Authentication by 2025

Publikuar më

spot_img

Google Cloud is making a significant move to enhance security measures for its users by implementing mandatory multifactor authentication (MFA) on all Google Cloud accounts. This decision comes as a response to the increasing threat of phishing and data theft, with Google Cloud’s Mandiant identifying these as the primary attack vectors affecting cloud environments.

According to a blog post by Google on November 5, the Cybersecurity and Infrastructure Security Agency (CISA) found that implementing MFA makes users 99% less likely to be hacked. With this statistic in mind, Google is taking proactive steps to safeguard its users by requiring the use of MFA for sign-on on all Google Cloud accounts by the end of 2025.

While this new requirement will be mandatory for all Google Cloud users, it will not apply to owners of Google’s general consumer accounts. The company acknowledges that 70% of Google users have already enabled MFA, but aims to increase this number to ensure comprehensive protection against cyber threats.

In order to facilitate a smooth transition for users, Google will be rolling out the MFA requirement in three phases. The first phase, starting from November 2024, will involve encouraging MFA adoption through reminders and information in the Google Cloud console, along with resources to help users plan the rollout and enable MFA. The second phase, set to begin in early 2025, will make MFA mandatory for all new and existing Google Cloud users who sign in with a password. The final phase, scheduled for the end of 2025, will extend the MFA requirement to all users who federate authentication into Google Cloud.

For Google Cloud federated users, there will be flexible options available to meet the third phase requirement. Users can choose to enable MFA with their primary identity provider before accessing Google Cloud, or add an extra layer of MFA through their Google account if they prefer to use the system provided by Google. This approach aims to give users the freedom to select the MFA method that best suits their needs and preferences.

Google has a history of emphasizing the importance of security, having introduced two-factor authentication in 2011 with its 2-Step Verification feature, and implementing passkeys through the ‘Security Keys for Google Accounts’ scheme in 2014. In 2023, Google made passkeys the default sign-in option, further enhancing security measures for its users.

Overall, Google’s decision to implement mandatory MFA on all Google Cloud accounts reflects its commitment to prioritizing user security and protecting against evolving cyber threats. By encouraging the adoption of MFA and providing flexible options for users, Google aims to create a safer and more secure environment for its cloud users worldwide.

Lidhja e burimit

Artikujt e fundit

Tips for Defeating Stealthy E-Crime and Nation-State Threats

In the realm of cybersecurity, the past year has witnessed a significant rise in...

Hamden police officer faces charges for computer crimes – WTNH.com

A Hamden police officer has recently found himself on the wrong side of the...

Singtel targeted by Chinese hackers in a test run for attacks on US targets

Singtel, one of Asia's largest telecommunications providers, reportedly fell victim to a breach by...

New SteelFox Trojan imitates software activators, steals sensitive data and mines cryptocurrency – Source: securelist.com

In August 2024, a new crimeware bundle named "SteelFox" was discovered by a security...

Më shumë si kjo

Tips for Defeating Stealthy E-Crime and Nation-State Threats

In the realm of cybersecurity, the past year has witnessed a significant rise in...

Hamden police officer faces charges for computer crimes – WTNH.com

A Hamden police officer has recently found himself on the wrong side of the...

Singtel targeted by Chinese hackers in a test run for attacks on US targets

Singtel, one of Asia's largest telecommunications providers, reportedly fell victim to a breach by...
sqAlbanian