Latest Tech News: Google Cloud to Make Multi-Factor Authentication Mandatory
In its attempt to improve account security, Google Cloud division has announced to mandate multi-factor authentication for all the users by the end of 2025.
About 70% of Google Cloud users already use multi-factor authentication (MFA) for their accounts. Now, the company wants to push the rest 30% to adopt multi-factor authentication as well.
Implementation Plan
“We will be implementing mandatory MFA for Google Cloud in a phased approach that will roll out to all users worldwide during 2025,” Mayank Upadhyay, Vice President of engineering at Google Cloud, said in a blog post. “To ensure a smooth transition, Google Cloud will provide advance notification to enterprises and users along the way to help plan MFA deployments.”
Google will notify enterprise users in advance about the multi-factor authentication requirement because this way businesses can prepare and help their employees adjust to the change. All the customers who log in with a password must enable MFA for their accounts, starting in 2025. By the end of the year, anyone who uses third-party services to access Google Cloud must also use this extra security step.
Rollout Phases
The roll out process will begin in three stages from this month until the end of 2025. Phase one will encourage the adoption of multi-factor authentication by providing useful reminders and more information about the Cloud Console technology. It will also provide resources regarding planning and a smooth transition to MFA. Phase two will start in early 2025 where new and existing Google Cloud users need to enroll in MFA to use platforms like Google Cloud Console, Firebase Console and gCloud.
The third phase of the rollout will begin at the end of 2025 where using multi-factor authentication will become mandatory for those using federated authentication while signing into Google Cloud. Users will be given flexible options for signing in, such as enabling MFA with the primary identity provider or using it directly via the Google account.
“For example, you can enable MFA with your primary identity provider before accessing Google Cloud — we will be working closely with identity providers to ensure there are standards in place for a smooth hand-off,” Upadhyay stated. “Alternatively, you can add an extra layer of MFA through your Google account if you prefer to use our system.”
Industry-Wide Adoption
Well Google is not the only one to make multi-factor authentication mandatory for its users. Microsoft in August announced a similar action to make it mandatory for its Azure cloud accounts starting last month with users signing into Azure portal and the Entra and Intune administrator centers. Even Amazon is onboard for MFA for Amazon Web Services (AWS), started in recent months.
In the latest cybersecurity news, Snowflake, a data warehousing company, announced that all users require multi-factor authentication after a data breach that took place resulting in stolen credentials of its 165 customers.
This crucial step of multi-factor authentication will make it harder for hackers to break in through phishing scams. With the surge in high-profile data breaches and attacks worldwide, adding multi-factor authentication will help protect individuals from data thefts.
