Datadog urges phasing out long-lived cloud credentials

Datadog’s State of Cloud Security 2024 report highlights the ongoing risks posed by long-lived cloud credentials and advises enterprises to transition to modern, temporary credential management systems, according to TechRepublic.

The report found that long-lived credentials, such as outdated access keys and identity and access management users, remain a significant security vulnerability across all major cloud providers, including Amazon Web Services, Google Cloud, and Microsoft Azure.

According to the report, nearly half of organizations using AWS rely on IAM users for cloud access, with 24% lacking centralized federated authentication entirely. Additionally, 60% of AWS IAM users, 62% of Google Cloud service accounts, and 46% of Microsoft Entra ID applications retain access keys older than a year. These outdated credentials frequently appear in source code, application artifacts, and build logs, making them a leading cause of cloud data breaches.

Datadog recommends leveraging secure identity solutions, such as AWS IAM Identity Center or similar centralized management tools, to adopt time-bound, temporary credentials. These modern practices enhance security by reducing exposure to overly permissive access and unauthorized usage while maintaining operational efficiency.
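To measure the "access keys older than a year" figure in your own AWS account, the sketch below scans an IAM credential report for active keys past that age. It is an added example, not code from Datadog or the report; the column names follow the AWS credential report CSV, while the sample rows, account ID, user names and the fixed "as of" date are constructed.

```python
import csv
import io
from datetime import datetime, timezone

MAX_AGE_DAYS = 365  # mirrors the report's "older than a year" metric

# Constructed sample using a subset of the AWS IAM credential report columns
# (account ID and user names are made up for illustration).
SAMPLE_REPORT = """\
user,arn,access_key_1_active,access_key_1_last_rotated,access_key_1_last_used_date,access_key_2_active,access_key_2_last_rotated,access_key_2_last_used_date
ci-deploy,arn:aws:iam::111122223333:user/ci-deploy,true,2021-03-02T10:15:00+00:00,2024-10-01T08:00:00+00:00,false,N/A,N/A
alice,arn:aws:iam::111122223333:user/alice,true,2024-09-20T09:00:00+00:00,2024-10-30T17:45:00+00:00,true,2022-06-11T12:00:00+00:00,N/A
legacy-app,arn:aws:iam::111122223333:user/legacy-app,false,2020-01-05T00:00:00+00:00,2020-02-01T00:00:00+00:00,false,N/A,N/A
"""

def stale_access_keys(report_csv, now, max_age_days=MAX_AGE_DAYS):
    """Return active access keys last rotated more than max_age_days ago, oldest first."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        for slot in ("1", "2"):  # an IAM user can hold at most two access keys
            if row.get(f"access_key_{slot}_active") != "true":
                continue  # inactive or absent keys cannot authenticate
            rotated = row.get(f"access_key_{slot}_last_rotated", "N/A")
            if rotated in ("N/A", ""):
                continue
            age = (now - datetime.fromisoformat(rotated)).days
            if age > max_age_days:
                last_used = row.get(f"access_key_{slot}_last_used_date", "N/A")
                findings.append({
                    "user": row["user"],
                    "key_slot": int(slot),
                    "age_days": age,
                    # An old key that was never used is a deletion candidate.
                    "never_used": last_used in ("N/A", ""),
                })
    return sorted(findings, key=lambda f: f["age_days"], reverse=True)

if __name__ == "__main__":
    as_of = datetime(2024, 11, 1, tzinfo=timezone.utc)  # fixed so output is reproducible
    for f in stale_access_keys(SAMPLE_REPORT, as_of):
        note = " (never used)" if f["never_used"] else ""
        print(f"{f['user']} key {f['key_slot']}: {f['age_days']} days old{note}")
```

Against a real account, feed the function the CSV downloaded from the IAM console's credential report page and pass the current UTC time as `now`.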
