The report highlights alarming statistics, showing that 62% of Google Cloud service accounts, 60% of AWS IAM users, and 46% of Microsoft Entra ID applications possess access keys that are over a year old.

Long-lived credentials, which are authentication tokens or keys that remain valid for extended periods, can be exploited by attackers if not properly managed.

Organizations struggle with the management of long-lived credentials, especially as they scale, leading to increased vulnerability.

Datadog's 2024 'State of Cloud Security' report reveals that a significant number of organizations are at risk due to the prevalence of long-lived credentials across major cloud services such as Google Cloud, AWS, and Microsoft Entra.

Many of these long-lived credentials are often unused and can inadvertently be exposed in source code, creating significant security risks.

Andrew Krug from Datadog emphasized that securely managing long-lived credentials is unrealistic and called for companies to improve their identity security practices.

To mitigate these risks, Datadog recommends avoiding long-lived credentials altogether and instead advocates for the use of modern authentication methods and short-lived credentials.

With almost half of organizations having users with long-lived credentials in cloud services, the potential for data breaches is a growing concern.