CRITICALCIS 1.1

Ensure MFA is enforced for all users

Multi-factor authentication should be required for all Cloud Identity users.

Security Impact

Without MFA, compromised passwords provide direct access to cloud resources.

How to Remediate

Enable 2-Step Verification enforcement in Cloud Identity/Workspace admin console.

Affected Resources

User

Compliance Frameworks

CIS GCP v1.3.0SOC 2PCI-DSSHIPAA

How TigerGate Helps

TigerGate continuously monitors your GCP environment to detect and alert on this misconfiguration. Here's what our platform does for this specific check:

  • Continuous Scanning

    Automatically scans all Google Cloud IAM resources across your GCP projects every hour

  • Instant Alerts

    Get notified via Slack, email, or webhooks when this misconfiguration is detected

  • One-Click Remediation

    Fix this issue directly from the TigerGate dashboard with our guided remediation

  • Compliance Evidence

    Automatically collect audit evidence for CIS GCP v1.3.0, SOC 2, PCI-DSS compliance

  • Drift Detection

    Get alerted if this configuration drifts back to an insecure state after remediation

Check Details

Check ID
gcp-iam-5
Service
Google Cloud IAM
Category
Identity Management
Severity
CRITICAL
CIS Benchmark
1.1

Automate This Check

TigerGate automatically scans your GCP environment for this and 79+ other security checks.

Start Free Trial

Related Google Cloud IAM Checks

View all checks
gcp-iam-1high

Ensure service account keys are rotated within 90 days

gcp-iam-2medium

Ensure user-managed service account keys are not used

gcp-iam-3high

Ensure primitive roles (Owner, Editor, Viewer) are not used

gcp-iam-4critical

Ensure service accounts do not have admin privileges

gcp-iam-6high

Ensure corporate login credentials are used