Ensure account MFA is enabled

When creating a new AWS account, the email that was used to create the AWS account has the highest privileges. For this reason it is considered a security best practice to enable MFA on the root account. Ensuring that your account is restricted with MFA will help you with CIS and NIST Compliance.

Audit & Remediation

  • Login into your AWS account (with your root account)
  • Navigate to the IAM service at: https://console.aws.amazon.com/iam
  • On the top navigation bar, select your account name | id and then select My Security Credentials.

 

 

  • Under Your Security Credentials select the Multi-factor authentication (MFA) accordion to expand, then select Activate MFA.

 

 

  • Choose the MFA device that you wish to enable. We will leverage the Virtual device and leverage the google authenticator device.

 

 

  • On your mobile device use Google Authenticator and scan the QR code. Add the number displayed on your Authenticator application into the MFA Code 1 box. Once the number changes, add the next number into the MFA Code 2 box and then choose Assign MFA.

 

 

  • Repeat the outlined steps in each of your accounts.
See all of your AWS EC2 Instances in a single place!

Do you want to see all of your AWS EC2 Instances in once place for all regions and all accounts?
Login to our online demo to see exactly what this looks like.
demo.intelligentdiscovery.io

 

Other Key Features

Inventory

Consolidate your inventory management with consistent and frequent security logs, inventories, and change logs. Dashboard reporting for extensive analytical value.

learn more +

Cost & Usage

Access consolidated capacity, cost, and volume tools in a scaling environment without impacting production or breaking the bank.

learn more +