AWS ups security in WorkSpaces with multi-factor authentication

News
By ( CloudPro ) published

Adds Radius MFA to Desktop-as-a-Service

three blocks in front of falling binary code

AWS is beef up security of its WorkSpaces desktop-as-a-service (DaaS) offering by enabling support for multi-factor authentication. Users of the service can access the extra security at no extra cost.

The DaaS product was unveiled by Amazon earlier in the year as a cloud-based desktop service running Windows to enable access to Windows applications from various devices.

According to Jeff Barr, chief evangelist for AWS, WorkSpaces now offers multi-factor authentication using an on-premise Radius server.

"In plain English, your WorkSpaces users will now be able to authenticate themselves using the same mechanism that they already use for other forms of remote access to your organisation's resources," Barr wrote in a blog post.

He added that WorkSpaces users would log in by entering their Active Directory user name and password followed by an OTP (One-Time Passcode) supplied by a hardware or a software token.

Barr said the firm has verified its implementation against the Symantec VIP and Microsoft Radius Server products. It supports the PAP, CHAP, MS-CHAP1, and MS-CHAP2 protocols, along with Radius proxies.

"As a WorkSpaces administrator, you can configure this feature for your users by entering the connection information — IP addresses, shared secret, protocol, timeout, and retry count — for your RADIUS server fleet in the Directories section of the WorkSpaces console," said Barr.

Barr suggested that such security could be just the beginning for WorkSpaces and multi-factor authentication.

"As is the case with every part of AWS, we plan to enhance this feature over time. We expect to add support for additional authentication options such as smart cards and certificates,” he said.

Last month, AWS added some features to improve integration with on-premises Active Directory. This included the ability to search for and select the desired Organisational Unit from Active Directory as well as the use of separate domains for users and resources, improving security and manageability.

"You can also add a security group that is effective within the VPC associated with your WorkSpaces desktops; this allows you to control network access from WorkSpaces to other resources in your VPC and on-premises network," said Barr.

Rene Millman
Rene Millman

Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives. You can follow Rene Millman on Twitter.

Latest in Cloud Security
AI chatbot text dialogue boxes in difference colours above a digital circuit board with lines of light emanating from it
Enterprise AI is surging, but is security keeping up?
Cloud storage concept image showing digitized cloud symbol with data flows.
AI is putting your cloud workloads at risk
Logo of Google Cloud, which recently announced the Wiz acquisition, pictured at Mobile World Congress 2025 in Barcelona, Spain.
The Wiz acquisition stakes Google's claim as the go-to hyperscaler for cloud security – now it’s up to AWS and industry vendors to react
Wiz logo pictured on a laptop screen.
Google confirms Wiz acquisition in record-breaking $32 billion deal
A multicolored, CGI padlock set against blue and yellow glowing slabs representing SWG and next-gen SWG in a cloud environment.
What is a secure web gateway (SWG) and next-gen SWG?
Cloud computing concept image showing a cloud symbol with electricity flowing to it, signifying cloud uptime capabilities.
Surging CNAPP investment is a big opportunity for the channel
Latest in News
Dell Technologies logo and branding pictured at the company's stall at Mobile World Congress (MWC) in Barcelona, Spain.
Scale of Dell job cuts laid bare as firm sheds 10% of staff in a year
Male employee sitting at a desk working on a laptop with earphones in and books scattered on desk.
Employees want purpose, and they’re willing to quit to find it – upskilling, career growth, and work-life balance have shifted priorities for workers
NHS logo displayed on a smartphone screen in white lettering on a blue background.
NHS supplier hit with £3m fine for security failings that led to attack
OpenAI logo and branding pictured at Mobile World Congress 2024 in Barcelona, Spain.
OpenAI announces five-fold increase in bug bounty reward
Digital handshake concept with Hand shake between two businessmen with digital hand
SYSPRO appoints Josef Al-Sibaie to spearhead global expansion
A telephoto shot of Evan Goldberg, founder and EVP at Oracle NetSuite, pictured from the waist up speaking onstage at the opening keynote of SuiteConnect London 2025.
‘Every feature that comes into NetSuite over the coming years is going to have AI’: NetSuite’s Evan Goldberg on the future of the platform and how AI will drive customer success
More about cloud security
AI chatbot text dialogue boxes in difference colours above a digital circuit board with lines of light emanating from it

Enterprise AI is surging, but is security keeping up?
Cloud storage concept image showing digitized cloud symbol with data flows.

AI is putting your cloud workloads at risk
Dell Technologies logo and branding pictured at the company's stall at Mobile World Congress (MWC) in Barcelona, Spain.

Scale of Dell job cuts laid bare as firm sheds 10% of staff in a year
See more latest
Most Popular
Dell Technologies logo and branding pictured at the company's stall at Mobile World Congress (MWC) in Barcelona, Spain.
Scale of Dell job cuts laid bare as firm sheds 10% of staff in a year
Male employee sitting at a desk working on a laptop with earphones in and books scattered on desk.
Employees want purpose, and they’re willing to quit to find it – upskilling, career growth, and work-life balance have shifted priorities for workers
NHS logo displayed on a smartphone screen in white lettering on a blue background.
NHS supplier hit with £3m fine for security failings that led to attack
OpenAI logo and branding pictured at Mobile World Congress 2024 in Barcelona, Spain.
OpenAI announces five-fold increase in bug bounty reward
Digital handshake concept with Hand shake between two businessmen with digital hand
SYSPRO appoints Josef Al-Sibaie to spearhead global expansion
ChatGPT logo and branding pictured in white coloring against a black backdrop.
DeepSeek and Anthropic have a long way to go to catch ChatGPT: OpenAI's flagship chatbot is still far and away the most popular AI tool in offices globally
A telephoto shot of Evan Goldberg, founder and EVP at Oracle NetSuite, pictured from the waist up speaking onstage at the opening keynote of SuiteConnect London 2025.
‘Every feature that comes into NetSuite over the coming years is going to have AI’: NetSuite’s Evan Goldberg on the future of the platform and how AI will drive customer success
Cybersecurity concept image symbolizing third-party data breaches with give padlock symbols and one pictured in red, signifying a security breach.
These five countries recorded the most third-party data breaches last year
Phishing concept image showing an email symbol with fishing hook.
Have I Been Pwned owner Troy Hunt’s mailing list compromised in phishing attack
Flexible work concept image showing woman working in office environment side by side with woman working from home.
IT professionals aren’t budging on flexible work demands – and more than half say they’ll quit if employers don’t meet expectations