Eight years on from its initial launch, Amazon has introduced multi-factor authentication (MFA) to its business cloud-hosted email service, WorkMail.
Better late than never appears to be the justification behind the near-decade delay, especially for one of the most basic forms of identity verification that has been standard practice for several years now.
However there are still hurdles to enabling MFA for WorkMail, as it will not be enabled by default and system administrators will have to manually add each user to the AWS Identity Center.
MFA at last
Amazon launched WorkMail as a competitor to Microsoft Exchange, and over the past years has built a modest customer base but still struggles to compete despite many businesses migrating to Amazon provided services and continuing to use Microsoft Exchange.
In late 2023, Amazon signed a $1 billion deal with Microsoft to provide Microsoft 365 licenses to one million of Amazon’s corporate and frontline workers, including Outlook.
In a response to questioning by TheRegister, an Amazon spokesperson said MFA was available for WorkMail through other methods, stating, “It was previously possible to configure MFA via AWS Directory Service, but setup was complex for customers and it only supported AWS-managed Microsoft ADs.”
“WorkMail continues to adhere to general security updates consistent with AWS standards, such as moving TLS minimum versions to 1.2, expanding audit logging support, and providing guidance to customers [on] how to implement overarching protections against a wide range of potential compromises,” the spokesperson said.
More from TechRadar Pro
- These are the best email providers around
- Hundreds of Amazon employees petition CEO to reverse return-to-office policy
- Take a look at the best cloud storage