Handle with Care: The Fragile Reality of Cloud Emergency Access

Handle with Care: The Fragile Reality of Cloud Emergency Access (PDF, 1.40MB)
Last updated: 03 Oct, 2025
Presented by:
Simon Vernon

Break-glass or emergency access accounts represent the last line of defence in cloud environments, reserved for scenarios when identity providers fail, automated systems misfire, or administrators lock themselves out.

Yet these accounts are paradoxical: the very credentials designed to save an organization in crisis are often the weakest link in its identity strategy. Weak protection, shared passwords, and a lack of monitoring leave emergency accounts vulnerable to insider misuse and external compromise.

This talk explores the fragility of break-glass accounts in modern cloud platforms such as Azure, AWS and GCP. We will examine real-world risks including password sprawl, over-privileged access, and alerting blind spots, and demonstrate how attackers actively target these “emergency access accounts.” More importantly, we will outline practical mitigations: implementing just-in-time controls, hardware-backed MFA, automated alerting, vaulting and rotation strategies, and continuous validation of access paths.

Attendees will leave with a clear understanding of the threats facing emergency access accounts, and a blueprint for balancing resilience with security, hopefully ensuring that when the glass breaks, it does so on your terms.

SANS CloudSecNext Summit 2025