FB pixel

Google implements mandatory MFA and passkey expansion for cloud security

Google implements mandatory MFA and passkey expansion for cloud security
 

Google recently announced that it will require multi-factor authentication (MFA) for all Google Cloud accounts starting in early 2025. This change affects both corporate and individual Google Cloud users, as Google steps up its efforts to combat cybersecurity threats across its platforms.

The implementation of MFA is being rolled out in phases with the first phases beginning this month with reminders and information in the Google Cloud console. By early next year, Google will require MFA for all new and existing Google Cloud users who sign in with a password, and by the end of 2025, Google says it will extend the MFA requirement to all users who federate authentication into Google Cloud.

With MFA, Google Cloud users will need to verify their identity through an additional factor beyond their password, such as a one-time code or biometric verification. Google has provided a range of MFA options, including Google Authenticator and various third-party authentication apps. For enterprises, this will involve updating security policies and educating employees on new authentication requirements. Additionally, administrators will have access to Google Cloud’s identity and access management (IAM) resources to aid the transition.

The company’s blog post on the subject emphasizes the pressing need for enhanced security protocols, especially given the sensitive data handled on Google Cloud. “We’ve always prioritized protecting your identity in order to keep your account and sensitive information safe, and we use a variety of risk-based signals to quickly detect if an account is compromised and subsequently help users restore it securely,” the company notes.

Google is not the only one. Tech giant Microsoft has also made MFA mandatory for Azure sign-ins, and Amazon Web Services (AWS) added passkeys to the list of supported MFA for AWS Identity and Access Management (IAM) users.

Accelerating the adoption of passkeys

In addition to mandatory MFA, Google is accelerating the adoption of passkeys in replace of passwords. Earlier this year, Google announced that it would be transitioning millions of users toward passkeys, unveiling the expansion of its Cross-Account Protection program and new updates to passkeys.

The Cross-Account Protection program is a scheme Google created for sharing security notifications, with other companies that run the non-Google apps and services its users use.

Google previously outlined seven steps it is taking to fulfill the Secure by Design Pledge, an initiative introduced by the U.S. Cybersecurity & Infrastructure Security Agency (CISA) earlier this year. Google is among over 200 organizations that have signed onto this commitment.

A key component of Google’s security measures is MFA, along with a strong push toward passkeys for a passwordless login experience.

Related Posts

Article Topics

 |   |   |   |   | 

Latest Biometrics News

 

IntelliVision censured for misleading biometric accuracy and bias claims by FTC

The U.S. Federal Trade Commission has slapped IntelliVision with a consent order to halt claims about the accuracy of its…

 

Atos and partners blamed for EES delays

Atos and its consortium partners bear a major share of responsibility for delays in deploying the European Union’s delayed biometric…

 

CFIT pushes efforts on digital company ID to tackle economic crime in the UK

The UK’s Centre for Finance, Innovation and Technology (CFIT) has unveiled progress by its coalition of financial institutions, regulators, and…

 

iProov, iiDENTIFii help Standard Bank create network of trust

It’s one thing to know your customer, and another thing to know your customer is real. As GenAI becomes a…

 

World to spend $26B on IDV checks by 2029: Juniper

By 2029, the total global spend for digital identity verification checks will spike by 74 percent to reach $26 billion,…

 

Regula to replace SumSub as face biometrics provider for Maldives

Regula Forensics has been granted the contract to provide face recognition for the Maldives’ national digital identity, eFaas, after the…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events