Mandatory MFA on Google Cloud Strengthens Security by 2025

Google Cloud recently announced a major policy shift requiring all users to adopt multifactor authentication (MFA) by the end of 2025. This move aligns Google Cloud with other cloud giants like AWS and Microsoft Azure, all of which will implement MFA mandates for their customers in the coming year. Google will begin encouraging users to enroll in MFA this month, and early in 2025, it will require MFA for all users logging in with a password. By the end of the year, this mandate will also apply to users who access Google Cloud through third-party identity providers.

This initiative is part of a broader industry trend to enhance security by integrating MFA, a key component of the U.S. Cybersecurity and Infrastructure Security Agency’s (CISA) secure-by-design goals. Google Cloud’s commitment follows similar moves by AWS, which initiated MFA mandates for high-privilege users earlier this year, and Microsoft, which implemented an MFA requirement for Azure sign-ins in October.

Highlighting the benefits of this change, Mayank Upadhyay, Google Cloud’s VP of engineering, emphasized that CISA’s findings show MFA reduces the risk of hacking by 99%. By moving toward a more secure-by-default approach, the leading cloud providers aim to shift security responsibilities from customers to vendors, ensuring safer cloud environments for users worldwide.

Source: Cybersecurity Dive

The European Cyber Intelligence Foundation is a nonprofit think tank specializing in intelligence and cybersecurity, offering consultancy services to government entities. To mitigate potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA www.infrascan.net, or you can try yourself using check.website.