Nearly half of organizations have users with “long-term” credentials in cloud services, making them more vulnerable to a data breach.
Long-lived credentials are authentication tokens or access keys in the cloud that remain in place for a long period of time, whether or not they are still needed, which gives attackers a long open window in which to compromise them and has ultimately led to major data breaches.
In Datadog's 2024 “State of Cloud Security” report, researchers found that long-lived credentials are a widespread problem across all major cloud providers, including Google Cloud, Amazon Web Services (AWS) and Microsoft Entra. Many of them are unused, many never expire, and they are often leaked in source code, container images, build logs and application artifacts, which makes them a major security risk. The researchers found that 62% of Google Cloud accounts, 60% of AWS IAM users and 46% of Microsoft Entra ID applications had an access key that was more than one year old.
Ultimately, organizations struggle to manage these credentials, especially at scale, so Datadog's researchers recommend avoiding long-term credentials altogether in order to mitigate the issue.
“The findings of the State of Cloud Security 2024 report suggest it is unrealistic to expect that long-term credentials can be managed securely,” said Andrew Krug, Head of Security Defense at Datadog. “To protect themselves, companies need to secure identities using modern authentication mechanisms, leverage short-lived credentials and monitor changes to application programming interfaces (APIs) commonly used by attackers.”
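As an added illustration, not code from the article or from Datadog, the check below scans an AWS IAM credential report for active access keys that are older than the report's one-year threshold or have never been used. The CSV column layout is the real credential-report format; the sample rows, account id and reference date are constructed.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

# Age threshold taken from the Datadog finding: keys older than one year.
MAX_KEY_AGE = timedelta(days=365)
# Constructed reference "now" so the audit is deterministic and runs offline.
NOW = datetime(2024, 10, 1, tzinfo=timezone.utc)

# Constructed sample rows in the layout of the AWS IAM credential report
# (the CSV that `aws iam get-credential-report` returns base64-encoded).
SAMPLE_REPORT = """user,arn,user_creation_time,password_enabled,password_last_used,password_last_changed,password_next_rotation,mfa_active,access_key_1_active,access_key_1_last_rotated,access_key_1_last_used_date,access_key_1_last_used_region,access_key_1_last_used_service,access_key_2_active,access_key_2_last_rotated,access_key_2_last_used_date,access_key_2_last_used_region,access_key_2_last_used_service
ci-deploy,arn:aws:iam::111111111111:user/ci-deploy,2022-03-01T09:00:00+00:00,false,N/A,N/A,N/A,false,true,2022-03-01T09:05:00+00:00,2024-09-30T12:00:00+00:00,us-east-1,s3,false,N/A,N/A,N/A,N/A
old-backup,arn:aws:iam::111111111111:user/old-backup,2021-06-10T08:00:00+00:00,false,N/A,N/A,N/A,false,true,2021-06-10T08:01:00+00:00,N/A,N/A,N/A,false,N/A,N/A,N/A,N/A
rotated-svc,arn:aws:iam::111111111111:user/rotated-svc,2023-01-15T10:00:00+00:00,false,N/A,N/A,N/A,false,true,2024-08-01T10:00:00+00:00,2024-09-29T12:00:00+00:00,eu-west-1,sts,false,N/A,N/A,N/A,N/A
"""


def _parse_ts(value):
    """Credential-report dates are ISO 8601; N/A or no_information means absent."""
    if value in ("N/A", "no_information", ""):
        return None
    return datetime.fromisoformat(value)


def audit_access_keys(report_csv, now=NOW, max_age=MAX_KEY_AGE):
    """Return a finding for every active key older than max_age or never used."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        for slot in ("access_key_1", "access_key_2"):
            if row[f"{slot}_active"] != "true":
                continue  # inactive or absent key: nothing an attacker can use
            rotated = _parse_ts(row[f"{slot}_last_rotated"])
            last_used = _parse_ts(row[f"{slot}_last_used_date"])
            reasons = []
            if rotated is not None and now - rotated > max_age:
                reasons.append(f"older than {max_age.days} days ({(now - rotated).days} days)")
            if last_used is None:
                reasons.append("never used")  # unused keys are pure risk, rotate or delete
            if reasons:
                findings.append({"user": row["user"], "key": slot, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for finding in audit_access_keys(SAMPLE_REPORT):
        print(f"{finding['user']} {finding['key']}: {', '.join(finding['reasons'])}")
```

In practice the `now` argument is the current time and the report text comes from `aws iam get-credential-report` after base64 decoding; keys flagged here are candidates for rotation to short-lived credentials or deletion.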