Amazon announced two new security initiatives that will help protect organizations and individuals from increasing cybersecurity threats. Starting in October, Amazon will make available to the public the cybersecurity training materials it has developed to keep its employees and sensitive information safe from cyberattack. In addition, Amazon announced that it will offer qualified AWS customers a free multi-factor authentication (MFA) device designed to further secure their environments and protect their most sensitive assets from cyberattacks.
“A fundamental problem when addressing current cybersecurity threats is education, which is why we’re excited to share our Amazon Security Awareness training for free to help organizations and individuals understand how to navigate and fight against security events,” said Steve Schmidt, Chief Information Security Officer of AWS. “And by giving qualified AWS customers access to free MFA tokens, we’ve made it even easier for companies to use this powerful tool to protect their data and important technology assets.”
- Amazon Security Awareness: Social engineering is a large vector for cybersecurity attacks. In some cases, phishing emails try to get employees to click on a link and reveal their login credentials. In other cases, phone call scams try to get people to disclose personal information. People and organizations need security training to identify and keep themselves safe from these attacks, but often, they lack the time to take hours-long training courses, even when they are available and provide the right information. Amazon has designed a digestible and succinct curriculum, used with its employees, to anticipate and educate about possible security threats. Starting in October, Amazon will offer this Security Awareness training free of charge to both organizations and individuals. Businesses and organizations can also build their own solutions on top of the Amazon training to suit their needs. The Amazon Security Awareness training courses include videos and online assessments. The materials leverage proven neuroscience and adult learning principles to enhance content retention and are regularly updated as digital attack techniques evolve.
- Multi-Factor Authentication: For highly sensitive information (e.g. personal documents, proprietary customer information, companies’ technology infrastructure assets) stronger tools are needed to protect data. Starting in October, qualified AWS account holders can receive a MFA device at no additional cost, providing customers with a stronger security posture. AWS users with access to the AWS Management Console can authenticate themselves by typing in their passwords and then simply touching the MFA security token plugged into their computer’s USB port. The free MFA token adds a layer of security to protect customers’ AWS accounts against phishing, session hijacking, man-in-the-middle, and malware attacks. Customers can also use their MFA devices to safely access multiple AWS accounts, as well as other token-enabled applications, such as GitHub, Gmail, and Dropbox.