Secure service accounts with proper permissions and key rotation.

• Avoid long-lived access keys whenever possible
• Use instance profiles or managed identities (e.g., IAM roles for EC2, Azure Managed Identities) for applications
• If keys must be used, implement automated rotation every 90 days
• Scope service account permissions tightly to specific resources