Datadog Report: Long-Lived Cloud Credentials Pose Major Security Risk to Organizations in 2024
October 22, 2024
The report highlights alarming statistics, showing that 62% of Google Cloud service accounts, 60% of AWS IAM users, and 46% of Microsoft Entra ID applications possess access keys that are over a year old.
Long-lived credentials, which are authentication tokens or keys that remain valid for extended periods, can be exploited by attackers if not properly managed.
Organizations struggle with the management of long-lived credentials, especially as they scale, leading to increased vulnerability.
Datadog's 2024 'State of Cloud Security' report reveals that a significant number of organizations are at risk due to the prevalence of long-lived credentials across major cloud services such as Google Cloud, AWS, and Microsoft Entra.
Many of these long-lived credentials are often unused and can inadvertently be exposed in source code, creating significant security risks.
Andrew Krug from Datadog emphasized that securely managing long-lived credentials is unrealistic and called for companies to improve their identity security practices.
To mitigate these risks, Datadog recommends avoiding long-lived credentials altogether and instead advocates for the use of modern authentication methods and short-lived credentials.
With almost half of organizations having users with long-lived credentials in cloud services, the potential for data breaches is a growing concern.
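One way to check an AWS account for the kind of keys the report counts, as an added example that is not taken from Datadog's report or the Dark Reading article: it reads an IAM credential report CSV and flags active access keys older than a year, marking those that were never used. The sample rows, user names, and the function name `find_long_lived_keys` are constructed for illustration.

```python
import csv
import io
from datetime import datetime, timezone, timedelta

# Constructed sample in the column layout of an AWS IAM credential report
# (only the columns used here; user names and dates are made up).
SAMPLE_REPORT = """\
user,access_key_1_active,access_key_1_last_rotated,access_key_1_last_used_date,access_key_2_active,access_key_2_last_rotated,access_key_2_last_used_date
ci-deployer,true,2022-03-14T09:12:00+00:00,2024-10-01T17:40:00+00:00,false,N/A,N/A
old-batch-job,true,2021-06-02T11:00:00+00:00,N/A,true,2024-08-20T08:30:00+00:00,2024-10-10T02:15:00+00:00
alice,false,2020-01-10T10:00:00+00:00,2020-02-01T10:00:00+00:00,false,N/A,N/A
"""

MAX_AGE = timedelta(days=365)  # the report's "over a year old" threshold


def parse_ts(value):
    """Return an aware datetime, or None when the report has no timestamp."""
    if value in ("N/A", "no_information", ""):
        return None
    return datetime.fromisoformat(value)


def find_long_lived_keys(report_csv, now, max_age=MAX_AGE):
    """Return one finding per active access key older than max_age."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        for slot in ("1", "2"):  # an IAM user can hold two access keys
            prefix = f"access_key_{slot}_"
            if row[prefix + "active"] != "true":
                continue  # inactive keys cannot authenticate
            rotated = parse_ts(row[prefix + "last_rotated"])
            if rotated is None or now - rotated <= max_age:
                continue
            last_used = parse_ts(row[prefix + "last_used_date"])
            findings.append({
                "user": row["user"],
                "key_slot": int(slot),
                "age_days": (now - rotated).days,
                "never_used": last_used is None,  # candidate for removal
            })
    return findings


if __name__ == "__main__":
    as_of = datetime(2024, 10, 22, tzinfo=timezone.utc)
    for finding in find_long_lived_keys(SAMPLE_REPORT, as_of):
        print(finding)
```

Against a real account, the input would be the CSV downloaded from the IAM console's credential report page instead of `SAMPLE_REPORT`.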
Summary based on 1 source
Source
Dark Reading • Oct 21, 2024
Unmanaged Cloud Credentials Pose Risk to Half of Orgs