Sergei

Overview
Critical
1
High
0
Medium
1
Low
3
Informational
0
Security issues (5)
Severity Non-Compliance Issue Remediation Read more Action
Medium CIS 1.10 PCI DSS 8.4 IAM user "Sergei" does not have Multi-factor authentication (MFA) enabled. PCI DSS Requirement 8.3: Incorporate multi-factor authentication for all non-console access into the CDE for personnel with administrative access. More info
Low CIS 1.11 IAM user "Sergei" has both an access key for programmatic access and a password to sign-in to the AWS Management Console. Consider creating a separate IAM user for programmatic access. More info
Critical IAM user "Sergei" has two access keys. While doing so makes rotation easier, having both access keys enabled increases the risk of a data breach. Delete or deactivate the first access key for the user "Sergei". More info
Low IAM user "Sergei" has inline IAM policies. Ensure IAM policies are attached only to groups or roles. More info
Low IAM user "Sergei" is among 8 IAM user administrators. Every additional administrator increases the risk of a data breach. Keep 2 IAM users with administrative permissions, while giving other IAM users a unique set of security credentials. More info