Datadog, Inc. (NASDAQ: DDOG), the monitoring and security platform for cloud applications, has announced the 2025 State of Cloud Security report. In it, Datadog found that newer strategies – such as data perimeters and centrally managed multi-account environments – are growing in popularity.
Datadog’s report analyses security posture data from a sample of thousands of organisations that use AWS, Azure, or Google Cloud. In its research, Datadog found that 40 per cent of organisations are using data perimeters – a high number considering that implementing data perimeters is an advanced practice. The most popular way to implement data perimeters was through S3 bucket and VPC endpoint policies.
Another strategy teams are employing to reduce security risk is multi-account environments. Enforcing minimal privileges in a single account is challenging, which is why centrally managing multiple accounts through AWS Organizations has become a security best practice. This approach enables teams to enforce security invariants across all accounts with top-down guardrails. Datadog found that adoption of platforms like AWS Organizations is widespread – 86 per cent of companies use multi-account within an AWS Organization, with more than two in three (70 per cent) having all their accounts part of an AWS Organization.
Part of the reason teams are implementing new security strategies is that credential theft remains a major attack vector, a problem that is exacerbated by long-lived credentials that never expire and frequently get leaked in source code, container images, build logs, and applications artifacts. This year, 59 per cent of AWS identity and access management (IAM) users, 55 per cent of Google Cloud service accounts, and 40 per cent of Microsoft Entra ID applications had an access key older than one year.
“Every identity – human or machine – represents a potential entry point to our critical data,” said Emilio Escobar, CISO at Datadog. “Strong access controls and continuous verification aren’t just security features; they’re foundational to protecting our assets in today’s borderless environment.”
“We know identity-based attacks are one of the most common methods of cyberattack in Australia and New Zealand and too often it is long-lived credentials opening the door,” said Roz Gregory, Regional Vice President for A/NZ. “Teams must move beyond simply shortening credential lifecycles, they must also employ controls that restrict access to trusted networks and accounts.
“The State of Cloud Security report revealed that many organisations have cloud accounts with active access keys older than one year – and many of these are potentially unused – while every cloud environment has seen an increased percentage in access keys older than three years from 2024. Combined with the potential of overprivileged third-party integrations, these risks further underscore the need for organisations to regularly remove unused roles and enforce minimum privileges. A proactive approach will not only keep organisations ahead of emerging threats, it will limit the threat of identity-based attacks and risk of third-party exposure.”
Datadog’s 2025 State of Cloud Security is available now – read the full report here. To learn more about how Datadog helps companies secure their cloud environments, visit: https://www.datadoghq.com/product/cloud-security-management/.
