lacework-global-233
Ensure that Multi-Factor Authentication is 'Enabled' for All Non-Service Accounts (Manual)
Profile Applicability
• Level 1
Description
Setup multi-factor authentication for Google Cloud Platform accounts.
Rationale
Multi-factor authentication requires more than one mechanism to authenticate a user. This secures user logins from attackers exploiting stolen or weak credentials.
Audit
From Console:
For each Google Cloud Platform project, folder, or organization:
- Identify non-service accounts.
- Manually verify that multi-factor authentication for each account is set.
Remediation
From Console:
For each Google Cloud Platform project:
- Identify non-service accounts.
- Setup multi-factor authentication for each account.
References
https://cloud.google.com/solutions/securing-gcp-account-u2f
https://support.google.com/accounts/answer/185839