1.2 Ensure that Multi-Factor Authentication is 'Enabled' for All Non-Service Accounts

Information

Setup multi-factor authentication for Google Cloud Platform accounts.

Rationale:

Multi-factor authentication requires more than one mechanism to authenticate a user. This secures user logins from attackers exploiting stolen or weak credentials.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

From Google Cloud Console
For each Google Cloud Platform project:

Identify non-service accounts.

Setup multi-factor authentication for each account.

Default Value:

By default, multi-factor authentication is not set.

See Also

https://workbench.cisecurity.org/benchmarks/11843

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-2(1), 800-53|IA-2(2), CSCv7|16.3

Plugin: GCP

Control ID: 24bd9e05e5f3dfbc436b134676b20997e7bf96ba76806eddd383824eef12bd6d