How Twilio Improved Control of AWS Root Credentials at Scale

Twilio has improved control of its AWS root credentials by implementing a multi-account strategy with every AWS account created, standardizing the process for handling high-stake credentials within the organization. The company defined the Twilio Cloud Security Standard (TCSS) that guided their cloud security journey and updated it to include a better process for managing AWS account root users, including setting standards for passwords, MFA, primary contact email, and phone number. By implementing a centralized approach to manage credentials and applying an AWS Organization SCP, Twilio significantly decreased the time needed to gain access to AWS root users when responding to incidents.