Amazon announced two new security initiatives that will help protect organizations and individuals from increasing cybersecurity threats. Starting in October, Amazon will make cybersecurity training materials it has developed to keep its employees and sensitive information safe from cyberattack available to the public. In addition, Amazon announced that it will offer qualified Amazon Web Services (AWS) customers a free multi-factor authentication (MFA) device designed to further secure their environments and protect their most sensitive assets from cyberattacks.
“A fundamental problem when addressing current cybersecurity threats is education, which is why we’re excited to share our Amazon Security Awareness training for free, to help organizations and individuals understand how to navigate and fight against security events,” said Steve Schmidt, chief information security officer of AWS. “And by giving qualified AWS customers access to free MFA tokens, we’ve made it even easier for companies to use this powerful tool to protect their data and important technology assets.”
Amazon security awareness
Social engineering is a large vector for cybersecurity attacks. In some cases, phishing emails try to get employees to click a link and reveal their login credentials. In other cases, phone call scams try to get people to disclose personal information. People and organizations need security training to identify and keep themselves safe from these attacks, but often, they lack the time to take hours-long training courses, even when they are available and provide the right information. Amazon designed a digestible and succinct curriculum, used with its employees, to anticipate and educate people about possible security threats. Starting in October, Amazon will offer this Security Awareness training free of charge to both organizations and individuals. Businesses and organizations can also build their own solutions on top of the Amazon training to suit their needs. The Amazon Security Awareness training includes videos and online assessments. The materials follow proven neuroscience and adult learning principles to enhance content retention and they are regularly updated as digital attack techniques evolve.
For highly sensitive information (such as personal documents, proprietary customer information, and companies’ technology infrastructure assets) stronger tools are needed to protect data. Starting in October, qualified AWS account holders can receive an MFA device at no additional cost, providing customers with a stronger security posture. AWS customers with access to the AWS Management Console can authenticate themselves by typing their passwords and then simply touching the MFA security token plugged into their computer’s USB port. The free MFA token adds a layer of security to protect customers’ AWS accounts against phishing, session hijacking, man-in-the-middle, and malware attacks. Customers can also use their MFA devices to safely access multiple AWS accounts, as well as other token-enabled applications, such as GitHub, Gmail, and Dropbox.